Lucene search
K

168 matches found

Cvelist
Cvelist
added yesterday16 views

CVE-2026-22097 Missing firmware validation allows remote code execution

The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability to upload arbitrary files which can then lead to arbitrary code execution...

9.3CVSS0.0027EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-22097

The CVE-2026-22097 entry describes a vulnerability where the firmware update mechanism does not perform cryptographic signature validation, allowing an attacker with access to the firmware update capability to upload arbitrary files that can lead to arbitrary code execution. The issue is document...

9.3CVSS6.2AI score0.0027EPSS
Exploits0References1
CVE
CVE
added 4 days ago8 views

CVE-2026-45203

The CVE-2026-45203 entry concerns a TOCTOU issue in GPU DDK software used inside a Host VM. CVE records attribute a vulnerability in the rgxfw_hwperf_ufo() path where the command size is re-read after initial validation, enabling improper commands to reach GPU firmware and potentially trigger a m...

7.8CVSS6.1AI score0.00116EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41455

WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image.This vulnerability affects Fireware OS 11.0 up to and including...

8.6CVSS5.7AI score0.00232EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 12:16 a.m.14 views

CVE-2026-13722

WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image.This vulnerability affects Fireware OS 11.0 up to and including...

8.6CVSS0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:6 p.m.10 views

CVE-2026-13722

WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image.This vulnerability affects Fireware OS 11.0 up to and including...

8.6CVSS5.7AI score0.00232EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.10 views

PT-2026-55336

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.0 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.12 WatchGuard Fireware OS versions 2025.1 through 2025.6.2 Description An issue exists in the backup/restore feature where firmware...

8.6CVSS6AI score0.00232EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.8 views

SUSE CVE-2026-53205

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1CVSS5.9AI score0.00131EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Added verification for the maxfrequency value provided by the firmware. If the value of maxspeedhz is 0, it may cause a division by zero error in hisicalceffectivespeed. The value of maxspeedhz is provided by t...

5.5CVSS5.4AI score0.00206EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.9 views

PT-2026-37420

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description In the brcmfmac component of the Linux kernel, the brcmf fweh handle if event function fails to perform a range check on the bsscfgidx field provided by the firmware. This allows the raw...

8.8CVSS5.8AI score0.00244EPSS
Exploits0
NVD
NVD
added 2026/04/07 8:16 p.m.3 views

CVE-2025-14858

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS0.00113EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/07 7:57 p.m.1 views

CVE-2025-14858 Semtech LR11xx Encrypted Firmware Disclosure

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:57 p.m.2 views

CVE-2025-14858

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.5 views

PT-2026-30995

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/17 9:15 a.m.6 views

CVE-2025-12007

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...

8.4CVSS6.9AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 9:15 a.m.10 views

CVE-2025-12007

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...

8.4CVSS0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 9:15 a.m.17 views

CVE-2025-12006

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

7.2CVSS0.00277EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/16 8:36 a.m.6 views

CVE-2025-12006

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

7.2CVSS5.4AI score0.00277EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/16 8:36 a.m.5 views

CVE-2025-12006 Supermicro BMC firmware update validation bypass

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

7.2CVSS6.5AI score0.00277EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:29 p.m.5 views

CVE-2025-68816

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

5.4AI score0.00173EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder