Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021565)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021565 advisory. In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is not maintained in icidtable, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at initialization, host will read abnormal maxflowrings number from dongle, and it will cause kernel panic when doing iowrite to initiali...

CVE-2025-15574

When connecting to the Solax Cloud MQTT server the username is the "registration number", which is the 10 character string printed on the SolaX Power Pocket device / the QR code on the device. The password is derived from the "registration number" using a proprietary XOR/transposition algorithm...

CVE-2025-15574

CVE-2025-15574 affects Solax Power Pocket WiFi models connected to the Solax Cloud MQTT server. The vulnerability stems from using the device registration number as the username and deriving the password from the same registration number with a proprietary XOR/transposition algorithm, enabling an...

CVE-2026-24347 Arbitrary file write to /tmp directory in EZCast Pro II Dongle

Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory...

CVE-2026-24347

CVE-2026-24347 : The Red Hat/NVD/NVD enrichment entries describe an improper input validation in the Admin UI of EZCast Pro II (version 1.17478.146) that allows an attacker to manipulate files in the /tmp directory. This is tied to the EZCast Pro II dongle/application and is actionable via the Ad...

CVE-2026-24345

CVE-2026-24345 describes a Cross-Site Request Forgery in the Admin UI of EZCast Pro II, version 1.17478.146, enabling bypass of authorization checks and full admin UI access. Affected component is the Admin UI handling for EZCast Pro II. The Red Hat and CVE records corroborate CSRF as the vector,...

CVE-2026-24345 Cross-Site Request Forgery in EZCast Pro II Dongle

Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI...

CVE-2026-24344

The CVE-2026-24344 entry describes multiple buffer overflows in the EZCast Pro II Admin UI, affecting version 1.17478.146. The root cause per the documents is buffer overflow conditions in the Admin UI, enabling a crash and potentially remote code execution. No detailed exploit vectors, affected ...

CVE-2022-50915

PTPublisher 2.3.4 contains an unquoted service path vulnerability in the PTProtect service that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in 'C:\Program Files x86\Primera...

PT-2026-2391

Name of the Vulnerable Software and Affected Versions PTPublisher version 2.3.4 Description The software contains an unquoted service path vulnerability in the PTProtect service. This allows local attackers to potentially execute arbitrary code with elevated privileges. The vulnerable path is...

CVE-2021-22382

Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform unauthenticated operations...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992857)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992857 advisory. In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992236)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992236 advisory. In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at...

CVE-2025-36752

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growat...

PT-2025-51102

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

CVE-2025-13955

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...

CVE-2025-13955 Predictable Default Wi-Fi Password in EZCast Pro II Dongle

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...

CVE-2025-13954 Hard-coded cryptographic keys in EZCast Pro II Dongle

Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...