CVE-2022-23141

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information...

CVE-2022-23141

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information...

Design/Logic Flaw

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information...

CVE-2022-23141

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information...

ZTE ZXMP M721 日志信息泄露漏洞

The ZTE ZXMP M721 is a metro edge OTN Optical Transport Network device from ZTE, China. An information leakage vulnerability exists in the ZTE ZXMP M721 commond21bootv100004ls1045 version. The vulnerability stems from the fact that although the serial authentication of the ZBOOT interface is...

VulnCheck KEV: CVE-2022-2003

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect...

USN-5513-1 linux-aws vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

CVE-2022-34743

The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-33711

Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.515.3.el7 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2.el7 -...

Unbreakable Enterprise kernel security update

4.14.35-2047.515.3 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2 - net/rds:...

The vulnerability of the EXI syntax analysis function in communication devices that connect vehicles to the OpenV2G network allows a perpetrator to cause service interruptions.

The vulnerability of the EXI file syntax analysis implementation in vehicle communication devices connected to the OpenV2G network is related to the issue where the operation goes beyond the buffer boundaries in memory during the verification of the length of X509 certificates’ serial numbers...

Fedora: Security Advisory for golang-bug-serial-1 (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-bug-serial-1-1.3.5-3.fc36

A cross-platform serial library for Golang...

CVE-2022-32295

On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...

Ampere Computing Ampere Altra 安全漏洞

The Ampere Computing Ampere Altra is an 80-core server processor from Ampere Computing, USA. A security vulnerability exists in the Ampere Computing Ampere Altra that stems from a UEFI-accessible Altra reference design that allows insecure access to the SPI-NOR by operating system/manager...

The vulnerability of the Bluetooth Low Energy (BLE) implementation of the Meeting Owl Pro camera’s software, which allows a intruder to circumvent existing security restrictions through brute-force attacks.

The vulnerability of the Bluetooth Low Energy BLE implementation of the Meeting Owl Pro video conference camera’s software lies in the use of a hardcoded password for user accounts, which is obtained from the device’s serial number. Exploiting this vulnerability could allow an attacker to...

GSD-2022-1003940 drivers: tty: serial: Fix deadlock in sa1100_set_termios()

drivers: tty: serial: Fix deadlock in sa1100settermios This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...

GSD-2022-1003827 drivers: tty: serial: Fix deadlock in sa1100_set_termios()

drivers: tty: serial: Fix deadlock in sa1100settermios This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...

GSD-2022-1003681 drivers: tty: serial: Fix deadlock in sa1100_set_termios()

drivers: tty: serial: Fix deadlock in sa1100settermios This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...