28 matches found
SUSE CVE-2026-37540
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...
CVE-2026-37540
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...
open-amp 输入验证错误漏洞
open-amp is an OpenAMP open source framework that supports communication and lifecycle management between heterogeneous multi-core processors. An input validation error vulnerability exists in open-amp version v2025.10.0, which stems from an integer overflow in the ELF loader during firmware imag...
CVE-2026-37540
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...
CVE-2026-37540
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...
PT-2026-36514
Name of the Vulnerable Software and Affected Versions OpenAMP version 2025.10.0 Description The ELF loader contains an integer overflow during firmware image parsing. In the elf loader.c file, the system multiplies two attacker-controlled 16-bit values from the ELF header without performing...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986371)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986371 advisory. In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all or, presumably, all of the firmware...
EUVD-2023-31122
Malicious code in bioql PyPI...
EUVD-2025-20477
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-38679
In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The eventseqchanged handler processes a variable number of properties sent by the firmware. The number of properties is indicated by the firmware and used t...
CVE-2025-27061
CVE-2025-27061 is a Qualcomm vulnerability in the Video subsystem: memory corruption/out-of-bounds write while parsing video packets from the video firmware during subsystem-failure memory handling. Affected: Qualcomm Video (closed- or firmware components) within the device’s video pipeline. Impa...
Vulnerability of the iwl_parse_tlv_firmware() function (drivers/net/wireless/intel/iwlwifi/iwl-drv.c) in the Linux kernel, allowing a hacker to cause a service failure
The vulnerability of the iwlparsetlvfirmware function drivers/net/wireless/intel/iwlwifi/iwl-drv.c in the Linux kernel is related to the execution of operations outside of the buffer in memory. Exploitation of this vulnerability could allow an attacker to cause a service failure...
Fuji Electric Monitouch V-SFT 缓冲区错误漏洞
Fuji Electric Monitouch V-SFT is a configuration software for Human Machine Interfaces HMI from Fuji Electric. It supports a variety of features including customizable home screen, PDF document viewer, video player, alarm messages, 10 pop-up windows, and more. An out-of-bounds write code executio...
UBUNTU-CVE-2024-41039
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer...
SUSE CVE-2024-36880
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer...
CVE-2023-27346
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-27346
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-27346
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-27346
CVE-2023-27346 affects TP-Link AX1800 (Archer AX1800) routers. Root cause: a stack-based buffer overflow in the firmware image parsing due to insufficient validation of the length of user-supplied data before copying into a fixed-length stack buffer. Impact: network-adjacent attackers can run arb...
CVE-2023-27346 TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...