31 matches found
CVE-2026-40818
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24configetDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40818 Unauthenticated SQLi in _mb24confi_getDevice function
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24configetDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-9351
A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.16. This vulnerability affects the function isblockeddevice of the file tools/filetools.py of the component readfile Tool. Performing a manipulation results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2563
A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the function setstcreenendeabledstatus/getstatus of the file /f/service/controlDevice of the component jdcapprpc. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the...
CVE-2022-50848 drivers: dio: fix possible memory leak in dio_init()
In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dio_init() If device_register() returns error, the 'dev' and name needs be freed. Add a release function, and then call put_device() in the error path, so the name is freed in kobject_cleanup() and t...
CVE-2025-68181
Technical details for CVE-2025-68181 are not provided in the supplied documents; public information here is limited to general Linux kernel/RADEON DRM context. Monitor for updates from OSV/Ubuntu/SUSE advisories.
EUVD-2023-12850
Malicious code in bioql PyPI...
EUVD-2023-58479
Malicious code in bioql PyPI...
The vulnerability of the fb_cvt_hperiod() function in the fbdev component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the fb_cvt_hperiod() function in the fbdev component of the Linux operating system is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2023-6232
Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C...
CVE-2023-53012 thermal: core: call put_device() only after device_register() fails
In the Linux kernel, the following vulnerability has been resolved: thermal: core: call put_device() only after device_register() fails put_device() shouldn't be called before a prior call to device_register(). thermal_cooling_device_register() doesn't follow that properly and needs fixing. Also...
The vulnerability of the UBLK component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the UBLK component in the Linux operating system’s kernel is related to a memory leak in the ublk_ctrl_add_dev() function in drivers/block/ublk_drv.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the _isst_if_get_pci_dev() function (drivers/platform/x86/intel/speed_select_if/isst_if_common.c) in the Linux operating system’s kernel allows an attacker to cause a service failure.
The vulnerability of the _isst_if_get_pci_dev() function (drivers/platform/x86/intel/speed_select_if/isst_if_common.c) in the Linux kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s Bluetooth kernel component allows a hacker to trigger a service failure.
The vulnerability of the Linux operating system’s Bluetooth kernel component is related to the assignment of the NULL pointer in the pair_device() function. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-53237
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0 Read of size 8 at addr ffff88801f605308 by task kbnepd bnep0/498...
CVE-2024-53237 Bluetooth: fix use-after-free in device_for_each_child()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0 Read of size 8 at addr ffff88801f605308 by task kbnepd bnep0/498...
The vulnerability of the cpufreq component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the cpufreq component in the Linux operating system’s kernel is related to improper validation of input in the functions cpufreq_offline() and cpufreq_remove_dev(). Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2022-48636
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev function caused by the pavgroup pointer being NULL. The pavgroup pointer is checked on the entrance of the function but without...
The vulnerability of the pci_disable_device function in the ixgbe component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the pci_disable_device() function in the ixgbe component of Linux operating systems is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service failures...
CVE-2023-6230
Buffer overflow in the Address Book password process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C...