Lucene search
K

168 matches found

CVE
CVE
added 2025/07/01 12:0 a.m.28 views

CVE-2025-50405

The CVE-2025-50405 entry concerns Intelbras RX1500 Router. Affected product: Intelbras RX1500 Router versions prior to 2.2.17. Vulnerabilities exist in the FirmwareUpload function and GetFirmwareValidation function due to improper access control (Incorrect Access Control). According to PT-2025-27...

6.5CVSS7.1AI score0.00295EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/01 12:0 a.m.5 views

CVE-2025-50405

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...

7.1AI score0.00295EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/07/01 12:0 a.m.7 views

Intelbras RX1500 Router 访问控制错误漏洞

The Intelbras RX1500 Router is a router from Intelbras, Brazil. A security vulnerability exists in Intelbras RX1500 Router v2.2.17 and earlier versions, which stems from an improper access control in the FirmwareUpload function and the GetFirmwareValidation function...

6.5CVSS6.8AI score0.00295EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/07/01 12:0 a.m.11 views

CVE-2025-50405

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...

0.00295EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:1 a.m.7 views

CVE-2023-28386

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrar...

9.8CVSS7.3AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.8 views

CVE-2022-28383

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...

6.8CVSS6.8AI score0.0059EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.3 views

CVE-2021-37160

A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation e.g., cryptographic signature validation during a File Upload for a firmware update...

9.8CVSS7.3AI score0.08227EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:10 p.m.8 views

CVE-2020-11185

Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

7.8CVSS7.2AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 a.m.8 views

CVE-2018-11925

Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064,...

7.8CVSS7.7AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:15 a.m.11 views

CVE-2019-10535

Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

5.5CVSS7.7AI score0.0017EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.5 views

SUSE CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, emptyspace will be...

5.5CVSS7.7AI score0.00185EPSS
Exploits0References16
Packet Storm
Packet Storm
added 2025/04/08 12:0 a.m.359 views

📄 Sony XAV-AX5500 1.13 Code Execution

Sony XAV-AX5500 version 1.13 suffers from a firmware update validation vulnerability that allows for code execution. Exploit Title: Sony XAV-AX5500 Firmware Update Validation Remote Code Execution Date: 11-Feb-2025 Exploit Author: lkushinada Vendor Homepage:...

6.8CVSS7.4AI score0.01761EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-47664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: hisi-kunpeng: Add verification for the maxfrequency provided by the firmware If the value of maxspeedhz is 0, it may cause a division by zero error in...

5.5CVSS6.6AI score0.00206EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/01 12:0 a.m.5 views

Ubiquiti UniFi Protect Cameras 安全漏洞

Ubiquiti UniFi Protect Cameras is a line of security cameras from Ubiquiti Networks that support the UniFi Protect platform for centralized management with remote access, smart monitoring and more. Ubiquiti UniFi Protect Cameras suffers from a Firmware Update Validation Insufficiency vulnerabilit...

6.8CVSS7AI score0.00223EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-42237)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42237 advisory. - In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Validate payload length...

5.5CVSS6.4AI score0.00211EPSS
Exploits0References2
OSV
OSV
added 2024/10/09 3:15 p.m.3 views

DEBIAN-CVE-2024-47664

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the maxfrequency provided by the firmware If the value of maxspeedhz is 0, it may cause a division by zero error in hisicalceffectivespeed. The value of maxspeedhz is provided by firmware...

5.5CVSS5.4AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2024/10/09 3:15 p.m.18 views

AZL-50860 CVE-2024-47664 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the maxfrequency provided by the firmware If the value of maxspeedhz is 0, it may cause a division by zero error in hisicalceffectivespeed. The value of maxspeedhz is provided by firmware...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/09 2:13 p.m.21 views

CVE-2024-47664 spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the maxfrequency provided by the firmware If the value of maxspeedhz is 0, it may cause a division by zero error in hisicalceffectivespeed. The value of maxspeedhz is provided by firmware...

7.1AI score0.00206EPSS
Exploits0References3
CVE
CVE
added 2024/10/09 2:13 p.m.112 views

CVE-2024-47664

The CVE affects the Linux kernel SPI driver for Hisilicon Kunpeng (spi: hisi-kunpeng). The root cause is a division by zero in hisi_calc_effective_speed() when max_speed_hz (provided by firmware) is 0. The firmware-supplied value is treated as trusted, but 0 is now explicitly invalidated, and an ...

5.5CVSS5.3AI score0.00206EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/30 12:0 a.m.8 views

PT-2024-32723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A division by zero error can occur in the hisi calc effective speed function if the value of max speed hz is 0. The max speed hz value is provided by firmware, which is generally...

5.5CVSS5.6AI score0.00206EPSS
Exploits0
Rows per page
Query Builder