97 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Zoned – Cloning zoned device info when cloning a device When cloning a btrfsdevice, we are not cloning the associated btrfszoneddeviceinfo structure of the device, especially in cases where the filesystem is zoned. This ca...
CVE-2020-37220
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
CVE-2020-37220
Huawei HG630 V2 router is affected by an authentication-bypass vulnerability where an unauthenticated attacker can obtain administrative access by querying /api/system/deviceinfo to retrieve the SerialNumber and using its last 8 characters as the login password. The connected CVE entry provides t...
CVE-2020-37220 Huawei HG630 V2 Router Authentication Bypass via Serial Number
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
CVE-2020-37220 Huawei HG630 V2 Router Authentication Bypass via Serial Number
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
PT-2026-40621
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
CVE-2026-34459
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: A bad drive in the topology can result in a kernel crash. When the SAS Transport Layer support is enabled and a device is exposed to the operating system through the driver, if INQUIRY commands fail, the driver...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005709)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005709 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with trivial replies,...
CVE-2026-23042 idpf: fix aux device unplugging when rdma is not supported by vport
In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo for this vport. This leads to kernel NULL pointer dereference in...
CVE-2025-32900
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...
CVE-2025-32900
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...
CVE-2025-40115 scsi: mpt3sas: Fix crash in transport port remove by using ioc_info()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix crash in transport port remove by using iocinfo During mpt3sastransportportremove, messages were logged with devprintk against &mpt3sasport-port-dev. At this point the SAS transport device may already be...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990359)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990359 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix possible buffer overflow struct hcidevinfo has a fixed size name8 field s...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989886)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989886 advisory. In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev-desc-info instead of calling i3cdevicegetinfo to avoid deadlock A deadlock may...
EUVD-2022-55551
Malicious code in bioql PyPI...
CVE-2023-53241
In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...
UBUNTU-CVE-2023-53241
In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...
CVE-2025-9214
A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service...
Linux Distros Unpatched Vulnerability : CVE-2022-2320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of prope...