Denial Of Service (DoS)

kernel is vulnerable to denial of service. A NULL pointer dereference in drivers/tty/serial/8250/8250core.c:serial8250isainitports allows local users to cause a denial of service by using the p-serialin pointer which is uninitialized...

kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver

A flaw was found in the Linux kernel’s implementation for ADU devices from Ontrak Control Systems, where an attacker with administrative privileges and access to a local account could pre-groom the memory and physically disconnect or unload a module. The attacker must be able to access either of...

kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c

A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports 0x2E8, 0x2F8, 0x3E8, 0x3F8 are not available. This flaw allows a local user to crash the system. The highest threat from this...

kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver

A flaw was found in the Linux kernel’s implementation for ADU devices from Ontrak Control Systems, where an attacker with administrative privileges and access to a local account could pre-groom the memory and physically disconnect or unload a module. The attacker must be able to access either of...

kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c

A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports 0x2E8, 0x2F8, 0x3E8, 0x3F8 are not available. This flaw allows a local user to crash the system. The highest threat from this...

openSUSE Security Update : monitoring-plugins-smart (openSUSE-2021-706)

This update for monitoring-plugins-smart fixes the following issues : monitoring-plugins-smart was updated to 6.9.1 : This is a security-release boo1183057 + Fixes the regular expression for pseudo-devices under the /dev/bus/N path. from 6.9.0 + Allows using PCI device paths as device names 64 +...

CVE-2020-27185

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service...

Authentication flaw

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service...

PT-2024-11093 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the usb: dwc3: gadget. The issue arises when the gadget structure is freed before freeing the endpoints, resulting in a...

MOXA NPort IA5150A 访问控制错误漏洞

MOXA Moxa NPort IA5150A Series is an industrial control device server from China Moxa MOXA. for 1-port RS-232 / 422/485 industrial automation device server with serial/LAN/power surge protection, two 10/100BaseTX ports with single IP, and operating temperature from 0 to 60°C. The NPort IA5150A...

PT-2021-7999 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a NULL-pointer dereference in the hso serial tty unregister function of the Linux kernel's USB HSO driver. This could allow a remote attacker to cause a denial ...

CVE-2020-14105

The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI 2020.01.15...

Xiaomi 10 安全漏洞

Xiaomi 10 is a smartphone from Chinese company Xiaomi. The Xiaomi 10 MIUI version prior to 2020.01.15 suffers from an information disclosure vulnerability that stems from the fact that the mobile app can read the SNO information of the device. No details of the vulnerability are currently availab...

CVE-2021-0428

In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

@concepto/eb (>=1.1.7 <=1.1.95), @concepto/nuxt (=1.9.427) +11 more potentially affected by CVE-2019-10804 via serial-number (>=0.3.0 <=1.3.0)

serial-number NPM version =0.3.0, =1.1.7, =0.0.1, =1.9.35, =1.1.0, =1.1.1, =0.2.1, =0.1.4, =0.1.1, =0.1.24, =2.5.0, =3.1.1 Source cves: CVE-2019-10804 Source advisory: OSV:GHSA-3FW4-4H3M-892H...

OS Command Injection in serial-number

serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation...

GHSA-3FW4-4H3M-892H OS Command Injection in serial-number

serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation...

Xiaomi MIUI OS 安全漏洞

Xiaomi MIUI OS is a set of customized Android-based mobile operating systems from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in versions of Xiaomi MIUI OS prior to 2020.01.15, which allows to read the SNO information of a device...

May 20, 2021—KB5003217 (OS Build 17763.1971) Preview

May 20, 2021—KB5003217 OS Build 17763.1971 Preview 5/11/21 REMINDER Windows 10, version 1809 reached end of service on May 11, 2021 for devices running the Enterprise, Education, and IoT Enterprise editions. After May 11, 2021, these devices will no longer receive monthly security and quality...

May 20, 2021—KB5003212 (OS Build 18363.1593) Preview

May 20, 2021—KB5003212 OS Build 18363.1593 Preview 5/11/21 REMINDER Windows 10, version 1909 reached end of service on May 11, 2021 for devices running the Home, Pro, Pro for Workstation, Nano Container, and Server SAC editions. After May 11, 2021, these devices will no longer receive monthly...