[SECURITY] Fedora 43 Update: linux-firmware-20260519-1.fc43

This package includes firmware files required for some devices to operate...

CVE-2026-3344

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including...

MiracleLinux 8 : linux-firmware-20230404-114.git2e92a49f.el8.ML.1 (AXSA:2023-6271:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6271:06 advisory. This package includes firmware files required for some devices to operate. CVE-2023-20593 An issue in Zen 2 CPUs, under specific microarchitectural...

CVE-2023-45841

Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the...

CVE-2025-66255 Unauthenticated Arbitrary File Upload (upgrade_contents.php)

Unauthenticated Arbitrary File Upload upgradecontents.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Missing signature validation allows uploading malicious firmware packages. Th...

CVE-2025-63215

The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the...

EUVD-2021-9843

Malicious code in bioql PyPI...

EUVD-2025-24409

Malicious code in bioql PyPI...

CVE-2025-24323

Improper access control in some firmware package and LED mode toggle tool for some IntelR PCIe Switch software before version MR41.0b1 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-24323

Improper access control in some firmware package and LED mode toggle tool for some IntelR PCIe Switch software before version MR41.0b1 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-24323

The CVE-2025-24323 issue affects Intel(R) PCIe Switch software (firmware package and LED mode toggle tool) prior to MR4_1.0b1. The root cause is improper access control, enabling a local, privileged user to escalate privileges. Impact is described as escalation of privilege with local access (no ...

CVE-2025-24323

Improper access control in some firmware package and LED mode toggle tool for some IntelR PCIe Switch software before version MR41.0b1 may allow a privileged user to potentially enable escalation of privilege via local access...

Intel® PCIe Switch Software Advisory

Summary: A potential security vulnerability in some firmware package and LED mode toggle tool for some Intel® PCIe Switch software may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a product discontinuation notice for firmwar...

edk2:20220126gitbb1bba3d77 security update

An update is available for edk2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...

CVE-2019-5158

An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware versio...

OPENSUSE-SU-2025:14777-1 kernel-firmware-chelsio-20250206-1.1 on GA media

These are all security issues fixed in the kernel-firmware-chelsio-20250206-1.1 package on the GA media of openSUSE Tumbleweed...

Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity CVE-2023-20584 kernel: hw: amd:Incomplete system memory cleanup in SE...

OPENSUSE-SU-2024:13475-1 kernel-firmware-all-20231128-1.1 on GA media

These are all security issues fixed in the kernel-firmware-all-20231128-1.1 package on the GA media of openSUSE Tumbleweed...

CentOS 9 : linux-firmware-20231030-141.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the linux- firmware-20231030-141.el9 build changelog. - Protection mechanism failure for some IntelR PROSet/Wireless WiFi RHEL-14264 CVE-2022-46329 Note that Nessus has not tested for this...

CentOS: Security Advisory for iwl1000-firmware (CESA-2024:0753)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...