Lucene search
K

287 matches found

NVD
NVD
added 2023/12/05 1:15 a.m.25 views

CVE-2023-48694

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include...

9.8CVSS0.01332EPSS
Exploits0References1
Prion
Prion
added 2023/12/05 1:15 a.m.23 views

Buffer overflow

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in...

7.5CVSS8.4AI score0.01185EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/12/05 1:15 a.m.17 views

Null pointer dereference

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include components in host class,...

7.5CVSS8.2AI score0.00946EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/05 12:25 a.m.3 views

CVE-2023-48697 Azure RTOS USBX Remote Code Execution Vulnerability

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in...

6.4CVSS8.4AI score0.01185EPSS
Exploits0References3
CVE
CVE
added 2023/12/05 12:24 a.m.42 views

CVE-2023-48696

Azure RTOS USBX contains a remote code execution vulnerability caused by an expired pointer dereference in the USBX host/CDC ACM path for RTOS v6.2.1 and earlier. Affected component: USBX within Azure RTOS USBX stack (host class/CDC ACM). Remediation: upgrade to USBX release 6.3.0 or later. Explo...

9.8CVSS8.8AI score0.00946EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/05 12:24 a.m.36 views

CVE-2023-48695 Azure RTOS USBX Remote Code Execution Vulnerability

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to out of bounds write vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host and...

7.3CVSS10AI score0.01228EPSS
Exploits0References1
CVE
CVE
added 2023/12/05 12:24 a.m.54 views

CVE-2023-48695

Azure RTOS USBX contains an out-of-bounds write vulnerability affecting the USBX host and device classes (CDC ECM and RNDIS) in RTOS v6.2.1 and earlier. This can lead to remote code execution. The issue is fixed in USBX release 6.3.0; upgrading is advised. Connected documents confirm the affected...

9.8CVSS9.2AI score0.01228EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/05 12:24 a.m.27 views

CVE-2023-48694 Azure RTOS USBX Remote Code Execution Vulnerability

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include...

6.8CVSS10AI score0.01332EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2023/11/30 12:0 p.m.7 views

The CDC's Gun Violence Research Is in Danger

In a year pocked with fights over US government funding, Republicans are quietly trying to strip the Centers for Disease Control and Prevention of its ability to research gun violence...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

5.5CVSS6.3AI score0.00165EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.3 views

SUSE CVE-2016-3138

The acmprobe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash via a USB device without both a control and a data endpoint descriptor...

4.6CVSS7.3AI score0.00546EPSS
Exploits1References15
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.6 views

SUSE CVE-2016-3951

Double free vulnerability in drivers/net/usb/cdcncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service system crash or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor...

4.6CVSS8.2AI score0.00586EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.2 views

SUSE CVE-2017-16534

The cdcparsecdcheader function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...

4.6CVSS7.7AI score0.00422EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.3 views

SUSE CVE-2017-16645

The imspcugetcdcuniondesc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service imspcuparsecdcdata out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...

4.6CVSS7AI score0.00404EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.2 views

SUSE CVE-2017-16649

The usbnetgenericcdcbind function in drivers/net/usb/cdcether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero error and system crash or possibly have unspecified other impact via a crafted USB device...

4.6CVSS7.6AI score0.00413EPSS
Exploits0References10
NVD
NVD
added 2022/10/10 9:15 p.m.27 views

CVE-2022-36063

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

9.8CVSS0.01516EPSS
Exploits1References3
Prion
Prion
added 2022/10/10 9:15 p.m.22 views

Integer overflow

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

7.5CVSS9.8AI score0.01516EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/10/10 12:0 a.m.36 views

CVE-2022-36063 USBX Host CDC ECM integer underflow with buffer overflow

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

7.6CVSS10AI score0.01516EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/10/10 12:0 a.m.7 views

CVE-2022-36063 USBX Host CDC ECM integer underflow with buffer overflow

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

7.6CVSS10AI score0.01516EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-3822-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.3AI score0.00552EPSS
Exploits0References2
Rows per page
Query Builder