3386 matches found

RedhatCVE
added 2025/09/21 7:24 p.m. | 10 views

CVE-2022-4980

General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...

CVSS 9.3 | AI score 7.1 | EPSS 0.00806
Exploits: 0 | References: 1
RedhatCVE
added 2025/09/21 6:8 a.m. | 6 views

CVE-2025-7403

Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. The written 4 bytes are attacker-controlled, enabling precise memory corruption...

CVSS 7.6 | AI score 6.9 | EPSS 0.00194
Exploits: 0 | References: 1
NVD
added 2025/09/19 7:15 p.m. | 3 views

CVE-2022-4980

General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...

CVSS 9.3 | EPSS 0.00806
Exploits: 0 | References: 6
Cvelist
added 2025/09/19 6:55 p.m. | 10 views

CVE-2022-4980 General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page

General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...

CVSS 9.3 | EPSS 0.00806
Exploits: 0 | References: 6
Vulnrichment
added 2025/09/19 6:55 p.m. | 1 views

CVE-2022-4980 General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page

General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...

CVSS 9.3 | AI score 6.8 | EPSS 0.00806
Exploits: 0 | References: 6
CVE
added 2025/09/19 6:55 p.m. | 17 views

CVE-2022-4980

General Bytes CAS suffered an authentication bypass in the admin web interface affecting versions 20201208–20220531.38 (backport) and 20220725.22 (mainline). An unauthenticated attacker could hit the default/install/first-admin page to create a new admin account, gain privileges, and redirect fun...

CVSS 9.3 | AI score 6.8 | EPSS 0.00806
Exploits: 0 | References: 6
NVD
added 2025/09/19 6:15 a.m. | 4 views

CVE-2025-7403

Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. The written 4 bytes are attacker-controlled, enabling precise memory corruption...

CVSS 7.6 | EPSS 0.00194
Exploits: 0 | References: 1
CVE
added 2025/09/19 5:19 a.m. | 15 views

CVE-2025-7403

CVE-2025-7403 affects Zephyr RTOS: unsafe handling in bt_conn_tx_processor can cause a use-after-free, leading to a write-before-zero with attacker-controlled 4 bytes, enabling precise memory corruption. Impact is described as memory corruption with high availability impact; CVSS vectors indicate...

CVSS 7.6 | AI score 6.5 | EPSS 0.00194
Exploits: 0 | References: 1 | Affected Software: 1
Positive Technologies
added 2025/09/19 12:0 a.m. | 4 views

PT-2025-38513

Name of the Vulnerable Software and Affected Versions: Bluetooth (affected versions not specified). Description: An unsafe handling issue in bt_conn_tx_processor can lead to a use-after-free condition, resulting in a write-before-zero. The written 4 bytes are attacker-controlled, enabling precise memo...

CVSS 7.6 | AI score 6.4 | EPSS 0.00194
Exploits: 0 | References: 6
Positive Technologies
added 2025/09/19 12:0 a.m. | 2 views

PT-2025-38603

Name of the Vulnerable Software and Affected Versions: General Bytes Crypto Application Server CAS versions 20201208 through 20220531.38; General Bytes Crypto Application Server CAS version 20220725.22. Description: General Bytes Crypto Application Server CAS contains an authentication bypass in the...

CVSS 9.3 | AI score 7 | EPSS 0.00806
Exploits: 0 | References: 10
CNNVD
added 2025/09/19 12:0 a.m. | 1 views

General Bytes Crypto Application Server security vulnerability

General Bytes Crypto Application Server is a General Bytes product that provides powerful and simple browser-based administration. A security vulnerability exists in General Bytes Crypto Application Server versions 20201208 through prior to 20220531.38 and prior to 20220725.22, which stems from an authenticati...

CVSS 9.3 | AI score 6.8 | EPSS 0.00806
Exploits: 0 | References: 7
NVD
added 2025/09/18 4:15 p.m. | 3 views

CVE-2022-50407

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...

CVSS 5.5 | EPSS 0.0016
Exploits: 0 | References: 3
OSV
added 2025/09/18 4:3 p.m. | 8 views

CVE-2022-50407 crypto: hisilicon/qm - increase the memory of local variables

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...

CVSS 5.5 | AI score 6.5 | EPSS 0.0016
Exploits: 0 | References: 6
NVD
added 2025/09/16 1:15 p.m. | 2 views

CVE-2025-39806

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_report_fixup() attempts to patch...

CVSS 7.1 | EPSS 0.0015
Exploits: 0 | References: 8
OSV
added 2025/09/16 1:15 p.m. | 2 views

UBUNTU-CVE-2025-39806

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_report_fixup() attempts to patch...

CVSS 7.1 | AI score 6.5 | EPSS 0.0015
Exploits: 0 | References: 28
Vulnrichment
added 2025/09/16 1:0 p.m. | 2 views

CVE-2025-39806 HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_report_fixup() attempts to patch...

AI score 6.5 | EPSS 0.0015
Exploits: 0 | References: 6
Cvelist
added 2025/09/16 1:0 p.m. | 11 views

CVE-2025-39806 HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_report_fixup() attempts to patch...

EPSS 0.0015
Exploits: 0 | References: 6
OSV
added 2025/09/16 1:0 p.m. | 2 views

CVE-2025-39806 HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_report_fixup() attempts to patch...

CVSS 7.1 | AI score 5.9 | EPSS 0.0015
Exploits: 0 | References: 10
OSV
added 2025/09/12 2:26 p.m. | 4 views

OESA-2025-2289 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

CVSS 5.9 | AI score 6.5 | EPSS 0.00169
Exploits: 0 | References: 2
OSV
added 2025/09/12 2:26 p.m. | 3 views

OESA-2025-2288 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

CVSS 5.9 | AI score 6.5 | EPSS 0.00169
Exploits: 0 | References: 2