Eclipse ThreadX USBX 缓冲区错误漏洞

Eclipse ThreadX USBX is an open source USB host, device and mobile embedded stack for Eclipse ThreadX. A buffer error vulnerability exists in Eclipse ThreadX USBX versions prior to 6.4.3 that stems from a possible out-of-bounds read when parsing USB audio device descriptors...

EUVD-2020-5017

Malware in sbrugna...

EUVD-2021-34272

Malicious code in bioql PyPI...

CVE-2021-47475

CVE-2021-47475 is a Linux kernel vulnerability in the comedi vmk80xx USB driver. The issue arises from transfer-buffer size checks: buffers were endpoint-sized and lacked validation, enabling overflows when a malicious device with larger max-packet sizes or unexpected accesses could write past th...

MagicMotion Flamingo Information Disclosure Vulnerability

MagicMotion Flamingo is a wearable vibrator from China-based MagicMotion. A security vulnerability exists in MagicMotion Flamingo 2, which stems from a lack of access control for MagicMotion Flamingo 2 to read from device descriptors. No details of the vulnerability are currently available...

CVE-2020-12729

MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors...

Information disclosure

MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors...

CVE-2020-12729

CVE-2020-12729 affects MagicMotion Flamingo 2. The connected Red Hat, CNVD, NVD, and other records confirm a vulnerability due to lack of access control when reading from device descriptors, resulting in information disclosure. The descriptions consistently cite access-control absence as the root...

CVE-2020-12729

MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors...

MagicMotion Flamingo 信息泄露漏洞

MagicMotion Flamingo is a wearable vibrator from China-based MagicMotion. A security vulnerability exists in MagicMotion Flamingo 2, which stems from a lack of access control for MagicMotion Flamingo 2 to read from device descriptors. No details of the vulnerability are currently available...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2996-1)

Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...

Ubuntu: Security Advisory (USN-2971-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2970-1 linux-lts-vivid vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

USN-2968-1 linux vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

USN-2965-2: Linux kernel (Xenial HWE) vulnerabilities

USN-2965-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in t...

USN-2965-1 linux vulnerabilities

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. CVE-2016-4557 Ralf Spenneberg...

Linux Kernel 3.10.0-229.x (CentOS RHEL 7.1) - iowarrior Driver Crash (PoC)

Linux Kernel 3.10.0-229.x CentOS RHEL 7.1 - iowarrior Driver Crash PoC OS-S Security Advisory 2016-15 Linux iowarrior Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local...

Linux snd-usb-audio Denial Of Service

OS-S Security Advisory 2016-17 Linux snd-usb-audio Multiple Free Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes multiple free on invali...

Linux ati_remote2 Null Pointer Dereference

OS-S Security Advisory 2016-18 Linux atiremote2 multiple Nullpointer Dereferences Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Multiple Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crash...

Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'Wacom' Multiple Nullpointer Dereferences

Exploit for linux platform in category dos / poc Linux wacom multiple Nullpointer Dereferences Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7...