CVE-2026-50292

A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...

EUVD-2026-34795

A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...

EUVD-2018-21795

Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a 2000-byte payload into the Camera name and DID number fields during camera addition to trigger an application crash...

CVE-2026-40341

A flaw was found in libgphoto2, a library used for accessing and controlling cameras. An out-of-bounds read vulnerability exists in the ptpunpackEOSFocusInfoEx function. This flaw can be exploited by processing input from untrusted USB devices, potentially allowing an attacker to crash the...

CVE-2026-40341

CVE-2026-40341 affects the libgphoto2 library. In versions up to and including 2.5.33, an out-of-bounds read in ptp_unpack_EOS_FocusInfoEx could crash libgphoto2 when processing input from untrusted USB devices. A patch was introduced in commit c385b34af260595dfbb5f9329526be5158985987. No known w...

CVE-2026-40341

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...

CVE-2020-12138

AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM...

WordPress plugin isMobile 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2020-12754

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A crafted application can obtain control of device input via the window system service. The LG ID is LVE-SMP-170011 May 2020...

CVE-2024-57904

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call inputfreedevice on allocated iiodev Current implementation of at91tsregister calls inputfreedeivce on st-tsinput, however, the err label can be reached before the allocated iiodev is stored to st-tsinput. Thu...

CVE-2024-57904 iio: adc: at91: call input_free_device() on allocated iio_dev

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call inputfreedevice on allocated iiodev Current implementation of at91tsregister calls inputfreedeivce on st-tsinput, however, the err label can be reached before the allocated iiodev is stored to st-tsinput. Thu...

UBUNTU-CVE-2021-47404

In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betopprobe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malicious devices violate...

SUSE CVE-2005-3631

udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords...

CVE-2021-43975

In the Linux kernel through 5.15.2, hwatlutilsfwrpcwait in drivers/net/ethernet/aquantia/atlantic/hwatl/hwatlutils.c allows an attacker who can introduce a crafted device to trigger an out-of-bounds write via a crafted length value...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2221)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-2353)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-1674)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

GHSA-6Q48-VJQ2-MWCJ Command Injection in umount

All versions of umount are vulnerable to Command Injection. The package fails to sanitize input rules and passes it directly to an exec call on the umount function . This may allow attackers to execute arbitrary code in the system if the device value passed to the function is user-controlled...

CVE-2020-12754

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A crafted application can obtain control of device input via the window system service. The LG ID is LVE-SMP-170011 May 2020...

CVE-2020-12754

CVE-2020-12754 affects LG mobile devices running Android 7.2, 8.0, 8.1, 9, and 10. A crafted app can obtain control of device input through the window system service, enabling partial to high impact on confidentiality, integrity, and availability as per CVSS metrics. Root cause centered on window...