269 matches found
CVE-2026-8864
The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability...
CVE-2026-8864
The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability...
CVE-2026-8864
The CVE-2026-8864 entry concerns the HP Fan Control App, where local escalation of privileges is possible. The vulnerability is supported by multiple sources noting that an updated HP Fan Control App version has been released to mitigate the issue. Documented metrics indicate a local attack vecto...
EUVD-2026-40368
The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
Unbreakable Enterprise kernel security update
6.12.0-203.76.7.1 - smb: client: reject userspace cifs.spnego descriptions Asim Viladi Oglu Manizada Orabug: 39474418 6.12.0-203.76.7 - tun: free page on buildskb failure in tunxdpone Weiming Shi Orabug: 39456024 - tap: free page on error paths in tapgetuserxdp Weiming Shi Orabug: 39456024 - tun:...
CVE-2026-45292 opentelemetry-java: Unbounded Memory Allocation in W3C Baggage Propagation
opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: hwmon: gpiofan Fix for out-of-bounds access to arrays The driver does not check whether the cooling state passed to gpiofansetcurstate exceeds the maximum cooling state stored in fandata-numspeeds. Since the cooling state is late...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mlxsw: Thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: bash cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: mlxreg-fan Returns a non-zero value when the fan’s current state is enforced from sysfs. The minimum fan speed can be enforced from sysfs. For example, setting the current fan speed to 20 is used to ensure that the fan spe...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: axi-fan-control Fixed a possible NULL pointer dereferencing issue. axifancontrolirqhandler, which depends on the private axifancontroldata structure, might be called before the hwmon device is registered. This could lead t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTOU race conditions, potentially causing divide-by-zer...
CVE-2026-8273
A weakness has been identified in D-Link DNS-320 2.06B01. This impacts the function cgisethost/cgisetntp/cgifancontrol/cgimergeuser of the file /cgi-bin/systemmgr.cgi. This manipulation causes os command injection. It is possible to initiate the attack remotely...
PT-2026-39572
A weakness has been identified in D-Link DNS-320 2.06B01. This impacts the function cgi set host/cgi set ntp/cgi fan control/cgi merge user of the file /cgi-bin/system mgr.cgi. This manipulation causes os command injection. It is possible to initiate the attack remotely...
hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin
...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
EUVD-2025-209578
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...