567 matches found
CVE-2023-54207
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
AZL-78377 CVE-2023-54207 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
CVE-2023-54207
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
UBUNTU-CVE-2023-54207
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
CVE-2023-54207
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
CVE-2023-54207 HID: uclogic: Correct devm device reference for hidinput input_dev name
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992275)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992275 advisory. In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnpallocdev After commit 1fa5ae857bb1 driver core: get rid of struct...
Linux Distros Unpatched Vulnerability : CVE-2023-54207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the...
CVE-2022-50772 netdevsim: fix memory leak in nsim_bus_dev_new()
In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsimbusdevnew If deviceregister failed in nsimbusdevnew, the value of reference in nsimbusdev-dev is 1. obj-name in nsimbusdev-dev will not be released. unreferenced object 0xffff88810352c480 size 16...
CVE-2022-50734 nvmem: core: Fix memleak in nvmem_register()
In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmemregister devsetname will alloc memory for nvmem-dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for...
CVE-2022-50734 nvmem: core: Fix memleak in nvmem_register()
In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmemregister devsetname will alloc memory for nvmem-dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for...
PT-2025-53038
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the nvmem register function within the Linux kernel's nvmem core. The dev set name function allocates memory for nvmem-dev.kobj.name, but this memory is not freed...
PT-2025-53138
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the nsim bus dev new function within the netdevsim module of the Linux kernel. If device register fails during the execution of this function, the dev reference i...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991205)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991205 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iiosysfstriginit devsetname allocates memory for...
PT-2025-50332
Hi All, Looking at the Action1 reports, and unable to see anything which would be useful to for reporting from for the vulnerability of devices. I'm looking for an export with the data similar to the below DeviceName, CveId, Severity, CVSS, PatchAvailable, Product, OS, LastSeen PC-001,...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097302)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
CVE-2025-34262
Advantech WISE-DeviceOn Server has a stored XSS in /rmm/v1/devices/name/{agent_id} affecting versions prior to 5.4. An authenticated user can rename a device; the new_name is stored and later rendered in listings/details without HTML escaping, allowing injected script to run in the browser contex...
Linux Distros Unpatched Vulnerability : CVE-2025-66221
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin function allows path segments with Windows device names. O...
Improper Handling of Windows Device Names
Overview Affected versions of this package are vulnerable to Improper Handling of Windows Device Names via the safejoin function. An attacker can cause the application to hang indefinitely by requesting a path ending with a Windows special device name, e.g. CON or NUL. Note: This is only vulnerab...
Werkzeug 安全漏洞
Werkzeug is a comprehensive WSGI web application library open-sourced by Pallets. A security vulnerability exists in Werkzeug versions prior to 3.1.4, which stems from improper handling of Windows device names by the safejoin function, which may result in file read hangs...