Lucene search
K

165 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001617 advisory. drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have...

7.2CVSS6.5AI score0.00398EPSS
Exploits0References9
NVD
NVD
added 2026/01/14 6:16 p.m.7 views

CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS0.00756EPSS
Exploits1References19
OSV
OSV
added 2026/01/14 6:16 p.m.3 views

UBUNTU-CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS5.8AI score0.00756EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/14 5:57 p.m.6 views

CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS5.6AI score0.00756EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/01/14 5:57 p.m.8 views

CVE-2026-22859 FreeRDP has a heap-buffer-overflow in urb_select_configuration

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

6.1CVSS5.9AI score0.00756EPSS
Exploits1References21
EUVD
EUVD
added 2026/01/14 5:57 p.m.3 views

EUVD-2026-2668

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

6.1CVSS6.4AI score0.00756EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/01/14 5:57 p.m.3 views

CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS6.9AI score0.00756EPSS
Exploits1
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.4 views

FreeRDP 输入验证错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. An input validation error vulnerability exists in versions prior to FreeRDP 3.20.1, which stems from a URBDRC client not performing a bounds check on the server-supplied MSUSBINTERFACEDESCRIPTOR...

9.1CVSS5.8AI score0.00756EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.9 views

PT-2026-2939

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw where the URBDRC client does not validate server-provided MSUSB INTERFACE DESCRIPTOR values. This lack of bounds checki...

9.8CVSS6.9AI score0.00756EPSS
Exploits6References235
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.3 views

PT-2026-27656

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to Near Field Communication NFC functionality using the PN533 driver. Specifically, the driver fails to properly release a reference to the USB...

9.8CVSS5.4AI score0.0049EPSS
Exploits0References473
UbuntuCve
UbuntuCve
added 2025/12/30 1:15 p.m.10 views

CVE-2022-50829

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...

5.9AI score0.00239EPSS
Exploits0References11
OSV
OSV
added 2025/12/30 12:10 p.m.3 views

CVE-2022-50829 wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...

6.4AI score0.00239EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2025/12/30 12:10 p.m.5 views

CVE-2022-50829

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...

5.4AI score0.00239EPSS
Exploits0
OSV
OSV
added 2025/12/16 3:6 p.m.3 views

CVE-2025-68298 Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Avoid btusbmtkclaimisointf NULL deref In btusbmtksetup, we set btmtkdata-isopktintf to: usbifnumtoifdata-udev, MTKISOIFNUM That function can return NULL in some cases. Even when it returns NULL, though...

6.5AI score0.00155EPSS
Exploits0References6
NVD
NVD
added 2025/12/06 10:15 p.m.8 views

CVE-2025-40283

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: reorder cleanup in btusbdisconnect to avoid UAF There is a KASAN: slab-use-after-free read in btusbdisconnect. Calling "usbdriverreleaseinterface&btusbdriver, data-intf" will free the btusb data associated with...

0.00175EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/06 9:50 p.m.16 views

CVE-2025-40275 ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...

0.00171EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/12/06 12:0 a.m.4 views

PT-2025-49376

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ALSA subsystem, specifically in the snd usb mixer controls badd function. A NULL pointer dereference can occur when processing USB audio devic...

5.3AI score0.00171EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/03 5:2 p.m.5 views

CVE-2025-59705

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...

6.8CVSS6.8AI score0.00263EPSS
Exploits1References1
NVD
NVD
added 2025/12/02 3:15 p.m.4 views

CVE-2025-59705

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...

6.8CVSS0.00263EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/02 12:0 a.m.3 views

EUVD-2025-200262

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...

6.3AI score0.00263EPSS
Exploits1References2
Rows per page
Query Builder