19184 matches found
EUVD-2025-35839
In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN FD interfaces supported by this driver. mkl: update subject, apply...
EUVD-2025-35738
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine...
EUVD-2025-35740
A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the...
EUVD-2025-35739
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine...
CVE-2025-60023
CVE-2025-60023 describes a relative path traversal in AutomationDirect Productivity Suite v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine. Public advisories and ref...
CVE-2025-58078
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine...
CVE-2025-58078
CVE-2025-58078 pertains to AutomationDirect Productivity Suite 4.4.1.19, where a relative path traversal flaw in the ProductivityService PLC simulator allows an unauthenticated remote attacker to write arbitrary data to the target machine. The issue is described across multiple sources (NVD, Red ...
CVE-2025-58456 AutomationDirect Productivity Suite Relative Path Traversal
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine...
Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. An information disclosure vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 due to a vulnerability when th...
PT-2025-43570
Name of the Vulnerable Software and Affected Versions Productivity Suite version v4.4.1.19 Description A flaw exists due to a binding to an unrestricted IP address in the ProductivityService PLC simulator. This allows an unauthenticated remote attacker to interact with the simulator. Successful...
Aviatrix Controllers < 7.1.4191 / 7.2 < 7.2.4996 RCE
The version of Aviatrix Controller installed on the remote host is prior to 7.1.4191 for 7.1.x or prior to 7.2.4996 for 7.2.x. It is, therefore, affected by an OS command injection vulnerability caused by improper neutralization of special elements in API input. An unauthenticated attacker can se...
PT-2025-51649
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s UFS Universal Flash Storage subsystem, specifically within the ufs-qcom component, related to power-down sequences. During UFS device power down,...
EUVD-2025-35633
BookLore is a self-hosted web app for organizing and managing personal book collections. In versions 1.8.1 and prior, an authentication bypass vulnerability in the BookMediaController allows any unauthenticated user to access and download book covers, thumbnails, and complete PDF/CBX page content...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
EUVD-2023-60010
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpubuffer during resize process When ringbufferswapcpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will...
CVE-2023-53714
In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdccrtcsetcrcsource, struct drmcrtc was dereferenced in a containerof before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:11...
DEBIAN-CVE-2023-53714
In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdccrtcsetcrcsource, struct drmcrtc was dereferenced in a containerof before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:11...
PT-2025-43115
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the DRM/STM subsystem, specifically in the ltdc driver. A late dereference check in the ltdc crtc set crc source function could lead to a kernel...
CLSA-2025-1761082525 Fix CVE(s): CVE-2022-45141
SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/kv to versi...