138 matches found
PT-2025-38751
Name of the Vulnerable Software and Affected Versions Blackmagic Web Presenter HD firmware version 3.3 Description The Blackmagic Web Presenter HD firmware version 3.3 has an unauthenticated Telnet service accessible on port 9977 that exposes sensitive information. Connecting to this service...
btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()
...
Linux Distros Unpatched Vulnerability : CVE-2022-49790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting...
CVE-2025-20990
Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Aug-2025 Release 1, which stems from improper access control and could...
SinoTrack IOT PC Platform 安全漏洞
SinoTrack IOT PC Platform is a location-based system from China-based SinoTrack. A security vulnerability exists in SinoTrack IOT PC Platform that stems from the default password not being forced to be changed, which could lead to a malicious actor obtaining a device identifier...
SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords
Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be exploited to control certain remote functions on connected vehicles and even track their locations. "Successful exploitation of these vulnerabilities could allow an attacker to access device profiles without...
CVE-2023-5080
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands...
CVE-2022-39893
Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log...
Inedo ProGet 安全漏洞
Inedo ProGet is a package management system from Inedo. A security vulnerability exists in Inedo ProGet versions prior to 2.17.5 that stems from a low-privileged user having access to changed information in backups, including user IDs, email addresses, and device UUIDs...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS that stems from a privilege issue that could cause an...
CVE-2025-20665
In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09555228; Issue ID: MSV-2760...
CVE-2025-21661 gpio: virtuser: fix missing lookup table cleanups
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from...
The vulnerability in the web interface for managing device information on the Cisco Common Services Platform Collector allows a attacker to perform XSS attacks.
The vulnerability in the web interface for collecting device information on Cisco Common Services Platform Collector CSPC is related to the failure to remove unacceptable symbols from identifiers on web pages. Exploiting this vulnerability allows a remote attacker to perform XSS attacks...
xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remo...
CVE-2023-38299
Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining...
CVE-2023-38302
A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...
CVE-2023-38301
An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...
Verizon Orbic Maui 安全漏洞
Verizon Orbic Maui is a cell phone from Verizon. A security vulnerability exists in the Verizon Orbic Maui that stems from disclosing the IMEI and ICCID to system attributes, resulting in the existence of a security vulnerability...
CVE-2023-38296
CVE-2023-38296 affects TCL 30Z and TCL A3X devices, where the ICCID is leaked to a system property (persist.sys.tctPowerIccid) accessible by any local app without permissions. The issue arises because a high-privilege process exposes the non-resettable device identifier indirectly. Affected build...