Lucene search
K

166 matches found

RedhatCVE
RedhatCVE
added 2025/09/21 2:2 a.m.6 views

CVE-2025-6198

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...

7.2CVSS6.9AI score0.00301EPSS
Exploits0References1
NVD
NVD
added 2025/09/19 3:15 a.m.5 views

CVE-2025-7937

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW . An attacker can update the system firmware with a specially crafted image...

7.2CVSS0.00301EPSS
Exploits0References1
NVD
NVD
added 2025/09/19 2:15 a.m.5 views

CVE-2025-6198

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...

7.2CVSS0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.4 views

SuperMicro MBD-X12STW 安全漏洞

The SuperMicro MBD-X12STW is a server motherboard from SuperMicro, Inc. A security vulnerability exists in the SuperMicro MBD-X12STW that stems from a flaw in the BMC firmware validation logic, which could result in specially crafted firmware being uploaded for execution...

7.2CVSS9.3AI score0.00301EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.6 views

PT-2025-38505

Name of the Vulnerable Software and Affected Versions Supermicro BMC firmware versions affected versions not specified Description An issue exists in the Supermicro BMC firmware validation logic on Supermicro MBD-X12STW. An attacker can update the system firmware with a specially crafted image...

9CVSS9.4AI score0.00301EPSS
Exploits0References25
OSV
OSV
added 2025/09/05 6:15 p.m.15 views

AZL-66944 CVE-2025-39710 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...

7.1CVSS5.6AI score0.00152EPSS
Exploits0References1
CVE
CVE
added 2025/09/05 5:45 p.m.35 views

CVE-2025-30199

ECOVACS vacuum robot base stations are described as not validating firmware updates and operating over an insecure Wi‑Fi link with a deterministic WPA2‑PSK key that can be derived from the device serial number. This enables potential malicious over‑the‑air updates or code execution through the up...

7.5CVSS6.4AI score0.00268EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.3 views

Solidigm DC Products 安全漏洞

Solidigm DC Products is a line of solid state drives from Solidigm. A security vulnerability exists in Solidigm DC Products that stems from improper validation of firmware inputs, which could result in a denial of service...

4.4CVSS6.6AI score0.00119EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-0174

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Use of Validation Framework in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 1...

6.5CVSS6.5AI score0.00515EPSS
Exploits0References2
NVD
NVD
added 2025/08/20 2:15 p.m.23 views

CVE-2025-31355

A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS0.0028EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.4 views

Johnson Controls iSTAR Ultra 安全漏洞

Johnson Controls iSTAR Ultra is an access controller from Johnson Controls, Inc. It provides network resiliency and faster processing speeds. A security vulnerability exists in Johnson Controls iSTAR Ultra versions 6.9.2 and earlier, which stems from incomplete firmware validation and could lead ...

9.3CVSS6.7AI score0.00096EPSS
Exploits0References2
OSV
OSV
added 2025/07/25 2:16 p.m.2 views

CVE-2025-38428 Input: ims-pcu - check record size in ims_pcu_flash_firmware()

In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in imspcuflashfirmware The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check. If the "len" is too large it could result in memory...

7.8CVSS6.5AI score0.00179EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2025/07/10 11:22 p.m.13 views

SUSE CVE-2025-38348

In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...

4.6CVSS6.5AI score0.00167EPSS
Exploits0References22
OSV
OSV
added 2025/07/10 9:15 a.m.6 views

DEBIAN-CVE-2025-38348

In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...

7.8CVSS5.7AI score0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/10 8:15 a.m.8 views

CVE-2025-38348 wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()

In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...

0.00167EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.9 views

The vulnerabilities of the FirmwareUpload() and GetFirmwareValidation() functions in the microprogramming software for Intelbras RX 1500 allow a intruder to gain unauthorized access to protected information and execute arbitrary commands.

The vulnerability of the FirmwareUpload and GetFirmwareValidation functions in the Intelbras RX 1500 microprogramming device’s software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information and...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/03 12:23 a.m.11 views

CVE-2025-50405

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...

6.5CVSS7.2AI score0.00295EPSS
Exploits1References1
OSV
OSV
added 2025/07/01 3:15 p.m.3 views

CVE-2025-50405

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References2
CVE
CVE
added 2025/07/01 12:0 a.m.25 views

CVE-2025-50405

The CVE-2025-50405 entry concerns Intelbras RX1500 Router. Affected product: Intelbras RX1500 Router versions prior to 2.2.17. Vulnerabilities exist in the FirmwareUpload function and GetFirmwareValidation function due to improper access control (Incorrect Access Control). According to PT-2025-27...

6.5CVSS7.1AI score0.00295EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/01 12:0 a.m.5 views

CVE-2025-50405

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...

7.1AI score0.00295EPSS
Exploits1References2
Rows per page
Query Builder