EUVD-2026-38647

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

usb: gadget: f_ecm: Refactor bind path to use __free()

...

SUSE CVE-2025-40093

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

CVE-2025-40093

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

CVE-2022-36063 USBX Host CDC ECM integer underflow with buffer overflow

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

Carel pCOWeb HVAC Insecure Credential Storage

Advisory: Unsafe Storage of Credentials in Carel pCOWeb HVAC The Carel pCOWeb card stores password hashes in the file "/etc/passwd", allowing privilege escalation by authenticated users. Additionally, plaintext copies of the passwords are stored. Details ======= Product: HVAC units using the OEM...

Beckhoff CX9020-011T Industrial Computer Detection

Binary data 763526.prm...