12 matches found
Firebird Security Vulnerability
Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, offering multiple ANSI SQL-92 features. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the lack of validation...
CVE-2025-68656
Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows access to HID devices. Prior to 1.1.0, usb_class_request_get_descriptor() frees and reallocates hid_device->ctrl_xfer when an oversized descriptor is requested but continues to use the stale local pointer, leading to an immediate...
EUVD-2025-206282
Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows access to HID devices. Prior to 1.1.0, usb_class_request_get_descriptor() frees and reallocates hid_device->ctrl_xfer when an oversized descriptor is requested but continues to use the stale local pointer, leading to an immediate...
Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21835)
usb: gadget: f_midi: fix MIDI Streaming descriptor lengths This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
EUVD-2025-6298
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-21835
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are correctly configured, and the MIDIStreaming endpoint descriptors contain the correct information, the values of bNumEmbMIDIJack and bLength are se...
CVE-2025-21835
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...
CVE-2025-21835
The CVE-2025-21835 issue affects the Linux kernel USB gadget f_midi MIDI Streaming descriptors. The root cause is incorrect bNumEmbMIDIJack and bLength values in MIDIStreaming endpoint descriptors, which can emit broken descriptors when the port count for IN/OUT differs, leaking uninitialized sta...
CVE-2025-21835 usb: gadget: f_midi: fix MIDI Streaming descriptor lengths
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...
SUSE CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when...
UBUNTU-CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when...