140 matches found
CVE-2025-20990
Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier...
Linux Distros Unpatched Vulnerability : CVE-2022-49849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in devargsmatchdevice syzkaller found a failed assertion:...
CVE-2025-40593
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0. The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition...
PT-2025-28143 · Frauscher · Fds102
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command while uploading a config file via...
PT-2025-28144 · Frauscher · Fds-Snmp101 +2
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command when loading a config file from a...
CVE-2022-48380
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...
CVE-2022-48389
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...
CVE-2022-47485
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...
OESA-2025-1317 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl Hulk Robot reported a KASAN report about use-after-free:...
Tenda AC8 Buffer Overflow Vulnerability (CNVD-2025-09166)
Tenda AC8 is a wireless router from Tenda, a Chinese company. Tenda AC8 suffers from a buffer overflow vulnerability, which originates from the improper handling of the parameter list in the /goform/SetIpMacBind file, and can be exploited by an attacker to remotely launch an attack and gain contr...
SUSE CVE-2021-47634
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl Hulk Robot reported a KASAN report about use-after-free: ================================================================== BUG: KASAN: use-after-free in...
SUSE CVE-2022-49329
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
DEBIAN-CVE-2022-49329
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
CVE-2022-49329
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
UBUNTU-CVE-2022-49329
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
CVE-2022-49329 vduse: Fix NULL pointer dereference on sysfs access
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
CVE-2022-49329
CVE-2022-49329: In the Linux kernel (vdpa/vduse), a NULL pointer dereference can occur when reading the control device’s msg_timeout attribute via sysfs because the control device lacks drvdata. The fix, per the provided description, is to stop creating the unneeded attribute for the control devi...
CVE-2022-49329 vduse: Fix NULL pointer dereference on sysfs access
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
CVE-2022-49329 vduse: Fix NULL pointer dereference on sysfs access
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
Siemens Tecnomatix Plant Simulation Memory Misreference Vulnerability
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A memory misreference vulnerability exists in Siemens...