166 matches found
CVE-2025-6198
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...
CVE-2025-7937
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW . An attacker can update the system firmware with a specially crafted image...
CVE-2025-6198
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...
SuperMicro MBD-X12STW 安全漏洞
The SuperMicro MBD-X12STW is a server motherboard from SuperMicro, Inc. A security vulnerability exists in the SuperMicro MBD-X12STW that stems from a flaw in the BMC firmware validation logic, which could result in specially crafted firmware being uploaded for execution...
PT-2025-38505
Name of the Vulnerable Software and Affected Versions Supermicro BMC firmware versions affected versions not specified Description An issue exists in the Supermicro BMC firmware validation logic on Supermicro MBD-X12STW. An attacker can update the system firmware with a specially crafted image...
AZL-66944 CVE-2025-39710 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-30199
ECOVACS vacuum robot base stations are described as not validating firmware updates and operating over an insecure Wi‑Fi link with a deterministic WPA2‑PSK key that can be derived from the device serial number. This enables potential malicious over‑the‑air updates or code execution through the up...
Solidigm DC Products 安全漏洞
Solidigm DC Products is a line of solid state drives from Solidigm. A security vulnerability exists in Solidigm DC Products that stems from improper validation of firmware inputs, which could result in a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2021-0174
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Use of Validation Framework in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 1...
CVE-2025-31355
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
Johnson Controls iSTAR Ultra 安全漏洞
Johnson Controls iSTAR Ultra is an access controller from Johnson Controls, Inc. It provides network resiliency and faster processing speeds. A security vulnerability exists in Johnson Controls iSTAR Ultra versions 6.9.2 and earlier, which stems from incomplete firmware validation and could lead ...
CVE-2025-38428 Input: ims-pcu - check record size in ims_pcu_flash_firmware()
In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in imspcuflashfirmware The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check. If the "len" is too large it could result in memory...
SUSE CVE-2025-38348
In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...
DEBIAN-CVE-2025-38348
In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...
CVE-2025-38348 wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...
The vulnerabilities of the FirmwareUpload() and GetFirmwareValidation() functions in the microprogramming software for Intelbras RX 1500 allow a intruder to gain unauthorized access to protected information and execute arbitrary commands.
The vulnerability of the FirmwareUpload and GetFirmwareValidation functions in the Intelbras RX 1500 microprogramming device’s software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information and...
CVE-2025-50405
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...
CVE-2025-50405
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...
CVE-2025-50405
The CVE-2025-50405 entry concerns Intelbras RX1500 Router. Affected product: Intelbras RX1500 Router versions prior to 2.2.17. Vulnerabilities exist in the FirmwareUpload function and GetFirmwareValidation function due to improper access control (Incorrect Access Control). According to PT-2025-27...
CVE-2025-50405
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...