6175 matches found

NVD
added 2020/01/27 7:15 p.m., 12 views

CVE-2018-19441

An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of the NeatoCrypto library generates insufficiently random numbers for robot secretkey values used for local and cloud authentication/authorization. If an attacker knows the serial number and is able to...

4.7 CVSS, 4.7 AI score, 0.00296 EPSS
Exploits 0, References 2

Prion
added 2020/01/27 7:15 p.m., 13 views

Authentication flaw

An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of the NeatoCrypto library generates insufficiently random numbers for robot secretkey values used for local and cloud authentication/authorization. If an attacker knows the serial number and is able to...

1.9 CVSS, 4.8 AI score, 0.00296 EPSS
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2020/01/27 12:0 a.m., 3 views

The vulnerability in the driver drivers/nfc/pn533/usb.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the Linux kernel’s drivers/nfc/pn533/usb.c module relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure using a malicious USB device...

4.9 CVSS, 6.5 AI score, 0.00433 EPSS
Exploits 0, References 17, Affected Software 1

BDU FSTEC
added 2020/01/27 12:0 a.m., 3 views

The vulnerability in the driver drivers/usb/core/file.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/usb/core/file.c file of the Linux operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.2 CVSS, 6.6 AI score, 0.00281 EPSS
Exploits 0, References 16, Affected Software 2

BDU FSTEC
added 2020/01/27 12:0 a.m., 2 views

The vulnerability in the driver drivers/usb/class/cdc-acm.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/usb/class/cdc-acm.c file of the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.9 CVSS, 6.5 AI score, 0.00426 EPSS
Exploits 0, References 17, Affected Software 3

BDU FSTEC
added 2020/01/27 12:0 a.m., 3 views

The vulnerability of the `serial_ir_init_module()` function (drivers/media/rc/serial_ir.c) in the Linux kernel allows an attacker to compromise the integrity, confidentiality, and accessibility of the protected information.

The vulnerability of the `serial_ir_init_module()` function (drivers/media/rc/serial_ir.c) in the Linux kernel is related to the use of memory after it has been freed. Exploiting this vulnerability could allow an attacker to compromise the integrity, confidentiality, and accessibility of the protected...

7.8 CVSS, 6.7 AI score, 0.00378 EPSS
Exploits 0, References 14, Affected Software 2

NVD
added 2020/01/23 8:15 p.m., 18 views

CVE-2015-5745

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message...

6.5 CVSS, 6.5 AI score, 0.03012 EPSS
Exploits 1, References 8

OSV
added 2020/01/23 8:15 p.m., 1 views

DEBIAN-CVE-2015-5745

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message...

6.5 CVSS, 7 AI score, 0.03012 EPSS
Exploits 1, References 1

Cvelist
added 2020/01/23 7:35 p.m., 25 views

CVE-2015-5745

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message...

6.2 AI score, 0.03012 EPSS
Exploits 1, References 8

CVE
added 2020/01/23 7:35 p.m., 127 views

CVE-2015-5745

CVE-2015-5745: A buffer overflow in QEMU’s virtio-serial device (send_control_msg in hw/char/virtio-serial-bus.c) allows a crafted virtio control message from a guest to crash the QEMU process. Affects QEMU before 2.4.0. Multiple sources (Debian DSA-3349-1; Gentoo GLSA 201602-01; Arista advisory)...

6.5 CVSS, 6.1 AI score, 0.03012 EPSS
Exploits 1, References 8, Affected Software 1

Debian CVE
added 2020/01/23 7:35 p.m., 31 views

CVE-2015-5745

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message...

6.5 CVSS, 6.9 AI score, 0.03012 EPSS
Exploits 1

OpenVAS
added 2020/01/23 12:0 a.m., 27 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1488)

The remote host is missing an update for the Huawei EulerOS...

10 CVSS, 7.3 AI score, 0.06267 EPSS
Exploits 12, References 2

RedHat Linux
added 2020/01/16 2:15 p.m., 3 views

OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422)

A flaw was found in how the serialization component of OpenJDK handled the serialization filter. A process-wide filter could have been modified by setting the jdk.serialFilter system property at runtime, possibly leading to a bypass of the intended filter during deserialization...

8.1 CVSS, 7.3 AI score, 0.04903 EPSS
Exploits 0, References 8

BDU FSTEC
added 2020/01/13 12:0 a.m., 1 views

The vulnerability of Siemens S7-1200 microprogramming software lies in the presence of unsafe functions during physical connection via the UART interface. This allows attackers to obtain additional diagnostic information during the device loading process.

The vulnerability of Siemens S7-1200 microprogramming software is related to the presence of unsafe functions during physical connection via the UART interface. Exploiting this vulnerability can allow an attacker to obtain additional diagnostic information during the device loading process...

6.8 CVSS, 6.6 AI score, 0.00528 EPSS
Exploits 0, References 3

OSV
added 2020/01/07 8:52 p.m., 1 views

USN-4227-2 linux-azure vulnerabilities

USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the...

10 CVSS, 7.2 AI score, 0.16908 EPSS
Exploits 1, References 15

OSV
added 2020/01/07 3:2 a.m., 0 views

USN-4228-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901) It was discovered that a...

10 CVSS, 7.2 AI score, 0.16908 EPSS
Exploits 0, References 9

NVD
added 2020/01/06 9:15 p.m., 15 views

CVE-2019-20348

OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitrary commands with root privileges and conduct further attacks...

7.2 CVSS, 6.9 AI score, 0.0056 EPSS
Exploits 1, References 1

Cvelist
added 2020/01/06 8:31 p.m., 13 views

CVE-2019-20348

OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitrary commands with root privileges and conduct further attacks...

6.9 AI score, 0.0056 EPSS
Exploits 1, References 1

CNVD
added 2020/01/06 12:0 a.m., 3 views

Realtek Chip ADSL Cat/Optical Cat Serial Port Command Execution Vulnerability in Realtek Semiconductor Co.

Realtek Semiconductor Corporation (Realtek) is a supplier of audio and networking chips. There is a command execution vulnerability in the serial port of Realtek chip ADSL cat/optical cat devices; an attacker can use the vulnerability through the modem's arbitrary IPv4 address to access the...

7.3 AI score
Exploits 0

Zero Day Initiative
added 2020/01/03 12:0 a.m., 14 views

Cisco Data Center Network Manager getSwitchName SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.2 CVSS, 4.1 AI score, 0.46935 EPSS
Exploits 10, References 1