CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2 days ago•25 views

CVE-2025-15653 Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation

7CVSS0.00022EPSS

CVE•added 2 days ago•9 views

CVE-2025-15653

The affected products are Dräger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations. The vulnerability is a local privilege escalation via unprotected USB interfaces that attackers with physical access can exploit to compromise software integrity. Reported impact includes ...

7CVSS5.8AI score0.00022EPSS

Vulnrichment•added 2 days ago•2 views

CVE-2025-15653 Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation

7CVSS5.8AI score0.00022EPSS

SUSE CVE•added 6 days ago•5 views

SUSE CVE-2026-46228

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

NVD•added last week•8 views

CVE-2026-46228

0.00022EPSS

EUVD•added last week•6 views

EUVD-2026-32855

CVE•added last week•8 views

CVE-2026-46228

CVE-2026-46228 affects the Linux kernel SPI/ch341 USB driver. The issue is a lifetime problem: USB device-managed resources (controller and driver data) were not guaranteed to be released when a driver is unbound, risking memory leaks during probe deferral or configuration changes. The fixes modi...

Cvelist•added last week•21 views

CVE-2026-46228 spi: ch341: fix devres lifetime

0.00022EPSS

ATTACKERKB•added last week•2 views

CVE-2026-46228

Exploits0References4Affected Software1

Positive Technologies•added 2026/05/28 12:0 a.m.•3 views

PT-2026-44351

Cvelist•added 2026/05/27 12:59 p.m.•31 views

Exploits0References4

CVE-2026-46103 can: ucan: fix devres lifetime

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

0.00032EPSS

Exploits0References6

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: hfcsusb: fixed a memory leak in hfcsusbprobe In hfcsusbprobe, the memory allocated for ctrlurb gets leaked when setupinstance fails with an error code. This issue was addressed by freeing the urb before freeing th...

6AI score0.00046EPSS

Exploits0References1

RedHat Linux•added 2026/05/19 1:29 p.m.•4 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. In affected versions the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read...

9.1CVSS5.9AI score0.0011EPSS

Exploits1References6

Cvelist•added 2026/05/08 2:22 p.m.•23 views

CVE-2026-43432 usb: xhci: Fix memory leak in xhci_disable_slot()

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...

0.00013EPSS

Exploits0References8

CVE•added 2026/05/08 2:21 p.m.•6 views

CVE-2026-43375

CVE-2026-43375 concerns the Linux kernel in the MCTP path. A leak occurs during probe failures because the driver saves a reference to the USB device but fails to release it on error paths. The fix drops the redundant device reference to prevent memory leaks when the probe fails, simplifying driv...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References3Affected Software1

CNNVD•added 2026/05/06 12:0 a.m.•1 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect path not releasing the v4l2 control handler in the usbkeeneprobe function, potential...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, the URBDRC client did not perform bounds checking on the MSUSBINTERFACEDESCRIPTOR values provided by the server and used these values as indices in libusbudevcompletemsconfigsetup, resulting in an...

9.1CVSS5.8AI score0.0011EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: USB: ULPI: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must also contain a call to dput; otherwise, a memory leak will occur over time. To simplify things, simply call...

5.5CVSS5.7AI score0.00014EPSS

Exploits0References1

SUSE CVE•added 2026/04/25 1:37 a.m.•1 views

SUSE CVE-2026-31620

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 A malicious USB device with the TASCAM US-144MKII device id can have a configuration containing bInterfaceNumber=1 but no interface 0. USB configuration descriptors ar...

5.5CVSS5.4AI score0.00029EPSS