Lucene search
K

28 matches found

SUSE CVE
SUSE CVE
added 2026/05/09 2:43 a.m.12 views

SUSE CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

9.8CVSS5.9AI score0.00253EPSS
Exploits0References3
NVD
NVD
added 2026/05/01 5:16 p.m.19 views

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

9.8CVSS0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.12 views

open-amp 输入验证错误漏洞

open-amp is an OpenAMP open source framework that supports communication and lifecycle management between heterogeneous multi-core processors. An input validation error vulnerability exists in open-amp version v2025.10.0, which stems from an integer overflow in the ELF loader during firmware imag...

9.8CVSS6.2AI score0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.4 views

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

8.4CVSS5.9AI score0.00253EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.37 views

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

8.4CVSS0.00253EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.14 views

PT-2026-36514

Name of the Vulnerable Software and Affected Versions OpenAMP version 2025.10.0 Description The ELF loader contains an integer overflow during firmware image parsing. In the elf loader.c file, the system multiplies two attacker-controlled 16-bit values from the ELF header without performing...

9.8CVSS5.9AI score0.00253EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986371 advisory. In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all or, presumably, all of the firmware...

7.8CVSS6.1AI score0.00242EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-31122

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00712EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20477

Malicious code in bioql PyPI...

7.8CVSS6.4AI score0.00087EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 4:15 p.m.6 views

UBUNTU-CVE-2025-38679

In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The eventseqchanged handler processes a variable number of properties sent by the firmware. The number of properties is indicated by the firmware and used t...

7.1CVSS6.7AI score0.00149EPSS
Exploits0References25
CVE
CVE
added 2025/07/08 12:49 p.m.40 views

CVE-2025-27061

CVE-2025-27061 is a Qualcomm vulnerability in the Video subsystem: memory corruption/out-of-bounds write while parsing video packets from the video firmware during subsystem-failure memory handling. Affected: Qualcomm Video (closed- or firmware components) within the device’s video pipeline. Impa...

7.8CVSS6.8AI score0.00087EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.4 views

Vulnerability of the iwl_parse_tlv_firmware() function (drivers/net/wireless/intel/iwlwifi/iwl-drv.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the iwlparsetlvfirmware function drivers/net/wireless/intel/iwlwifi/iwl-drv.c in the Linux kernel is related to the execution of operations outside of the buffer in memory. Exploitation of this vulnerability could allow an attacker to cause a service failure...

5.5CVSS7.2AI score0.00193EPSS
Exploits0References24Affected Software7
CNNVD
CNNVD
added 2024/11/27 12:0 a.m.2 views

Fuji Electric Monitouch V-SFT 缓冲区错误漏洞

Fuji Electric Monitouch V-SFT is a configuration software for Human Machine Interfaces HMI from Fuji Electric. It supports a variety of features including customizable home screen, PDF document viewer, video player, alarm messages, 10 pop-up windows, and more. An out-of-bounds write code executio...

7.8CVSS7.8AI score0.00264EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.2 views

UBUNTU-CVE-2024-41039

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer...

7.8CVSS6.4AI score0.00285EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2024/06/01 2:23 a.m.0 views

SUSE CVE-2024-36880

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer...

6.3CVSS6.5AI score0.00248EPSS
Exploits0References20
OSV
OSV
added 2024/05/03 2:15 a.m.3 views

CVE-2023-27346

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS6.3AI score0.00712EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.2 views

CVE-2023-27346

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS7.7AI score0.00712EPSS
Exploits0References2
NVD
NVD
added 2024/05/03 2:15 a.m.26 views

CVE-2023-27346

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS9.1AI score0.00712EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:56 a.m.57 views

CVE-2023-27346

CVE-2023-27346 affects TP-Link AX1800 (Archer AX1800) routers. Root cause: a stack-based buffer overflow in the firmware image parsing due to insufficient validation of the length of user-supplied data before copying into a fixed-length stack buffer. Impact: network-adjacent attackers can run arb...

8.8CVSS9.1AI score0.00712EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/03 1:56 a.m.20 views

CVE-2023-27346 TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS9.2AI score0.00712EPSS
Exploits0References1
Rows per page
Query Builder