69 matches found
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of prohibition for private IOCTL commands in the atomic ISP driver, potentially leading ...
CVE-2026-44110
OpenClaw is affected by CVE-2026-44110, with vulnerability present in versions before 2026.4.15. The issue is an authorization bypass in Matrix room control-command authorization that trusts DM pairing-store entries. Attackers with DM-paired sender IDs can execute room control commands without be...
CVE-2026-35903
MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, the device does not verify the Digest response parameter in subsequent RTSP requests within the sa...
CVE-2026-21374
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
EUVD-2026-19327
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
CVE-2026-21374
CVE-2026-21374 describes memory corruption in the camera path due to insufficient buffer size validation when processing auxiliary sensor input/output control commands. The CVE is characterized as a buffer over-read in the camera subsystem, with a CVSSv3.1 base score of 7.8 (HIGH) and a Local att...
PT-2026-30644
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
CVE-2021-27388
SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control...
GHSA-X4FF-Q6H8-V7GW sbt: Source dependency feature (via crafted VCS URL) leads to arbitrary code execution on Windows
Summary: On Windows, sbt uses Process("cmd", "/c", ...) to run VCS commands (git, hg, svn). The URI fragment (branch, tag, revision) is user-controlled via the build definition and passed to these commands without validation. Because cmd /c interprets &, |, and ; as command separators, a malicious...
CVE-2025-1727
The protocol used for remote linking over RF for End-of-Train and Head-of-Train (also known as a FRED) relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...
Security Risks Introduced by Weak Authentication in Smart Home IoT Systems
Smart home IoT systems rely on authentication mechanisms to ensure that only authorized entities can control devices and access sensitive functionality. In practice, these mechanisms must balance security with usability, often favoring persistent connectivity and minimal user interaction. This...
Command Injection
check-branches is vulnerable to command injection. The vulnerability is due to the tool trusting branch names as plain text and concatenating them into git commands, which allows an attacker to craft malicious branch names to execute arbitrary system commands...
CVE-2025-47347
Memory corruption while processing control commands in the virtual memory management interface...
CVE-2025-47347
Memory corruption while processing control commands in the virtual memory management interface...
CVE-2025-47347 Stack-based Buffer Overflow in Automotive Software platform based on QNX
Memory corruption while processing control commands in the virtual memory management interface...
CVE-2025-47347
CVE-2025-47347 affects an automotive software platform based on QNX and Qualcomm chipsets. The issue is described as a memory corruption (also reflected as a stack-based overflow in some listings) occurring while processing control commands in the virtual memory management interface, indicating a...
EUVD-2025-33242
Memory corruption while processing control commands in the virtual memory management interface...
CVE-2025-47347 Stack-based Buffer Overflow in Automotive Software platform based on QNX
Memory corruption while processing control commands in the virtual memory management interface...
Qualcomm Chipsets security vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing control commands...
EUVD-2016-2486
Malware in sbrugna...