55701 matches found
CVE-2024-34268
CVE-2024-34268 affects the EQ-3 Eqiva CC-RT-BLE Bluetooth Smart Radiator Thermostat. The issue is that firmware up to 1.46 allows unsecured Bluetooth connections, enabling attackers to gain full access to the device without authentication. The CVSS v3.1 metrics from the entry indicate: AV Adjacen...
CVE-2026-51380
Buffer Overflow vulnerability in Tenda AC10 v3 firmware V03.03.16.09 allows attackers to cause a permanent Denial of Service DoS or potentially execute remote code via the /cgi-bin/UploadCfg endpoint...
CVE-2026-14960 CVE-2026-14960
Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...
RLSA-2026:39297 Moderate: edk2 security, bug fix, and enhancement update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-31790 openssl: OpenSS...
RHSA-2026:39297 Red Hat Security Advisory: edk2 security, bug fix, and enhancement update
Bulletin has no description...
CVE-2026-15030
Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...
EUVD-2026-44588
Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...
CVE-2026-15030
Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...
CVE-2026-9770
Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices. An attacker with access to the firmware image can extract the embedded key. Successful exploitation may allow an unauthenticated attacker on the same...
CVE-2026-9770
Affected products: TP-Link Kasa EC70 v4 and EC71 v4 firmware. Issue: a static cryptographic private key is stored in a read-only filesystem shared across devices, allowing extraction from the firmware image. Impact: an unauthenticated attacker on the same network could use the embedded key in the...
EUVD-2026-44576
Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices. An attacker with access to the firmware image can extract the embedded key. Successful exploitation may allow an unauthenticated attacker on the same...
CVE-2026-9770 Hardcoded Cryptographic Key Information Disclosure Vulnerability on TP-Link Kasa EC70 and EC71
Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices. An attacker with access to the firmware image can extract the embedded key. Successful exploitation may allow an unauthenticated attacker on the same...
CVE-2026-51380
Buffer Overflow vulnerability in Tenda AC10 v3 firmware V03.03.16.09 allows attackers to cause a permanent Denial of Service DoS or potentially execute remote code via the /cgi-bin/UploadCfg endpoint...
CVE-2026-51380
CVE-2026-51380 affects Tenda AC10 v3 with firmware V03.03.16.09. A buffer overflow in the /cgi-bin/UploadCfg endpoint could lead to a permanent DoS or remote code execution. The CVSSv3.1 score is 9.8 (CRITICAL), with network access, no privileges required, no user interaction, and high impact on ...
CVE-2025-11698
The CVE-2025-11698 vulnerability affects 5380/5480/5580 controllers with boot firmware versions below 1.072. It enables a denial-of-service by allowing a malicious actor to write invalid file data to the controller, potentially causing a major non-recoverable fault (MNRF). The documents do not pr...
CVE-2026-10672 Unterminated URI buffer causes out-of-bounds read in LwM2M firmware pull (Package URI)
subsys/net/lib/lwm2m/lwm2mpullcontext.c copied the firmware-update Package URI into a fixed static buffer context.uri, size CONFIGLWM2MSWMGMTPACKAGEURILEN, default 128 with memcpycontext.uri, uri, LWM2MPACKAGEURILEN, copying exactly the destination size with no length validation. The...
CVE-2026-10672 Unterminated URI buffer causes out-of-bounds read in LwM2M firmware pull (Package URI)
subsys/net/lib/lwm2m/lwm2mpullcontext.c copied the firmware-update Package URI into a fixed static buffer context.uri, size CONFIGLWM2MSWMGMTPACKAGEURILEN, default 128 with memcpycontext.uri, uri, LWM2MPACKAGEURILEN, copying exactly the destination size with no length validation. The...
CVE-2026-10672
CVE-2026-10672 affects Zephyr LwM2M firmware pull: code copies the firmware-package URI into a fixed 128-byte buffer without length validation, using memcpy for an up-to 254-character URI. The server-supplied URI is stored in a 255-byte object buffer; only the first 128 bytes are copied into cont...
HPESBHF05079 rev.1 - HPE Compute Scale-up Server 3200 and 3250 platforms, Multiple Vulnerabilities
Potential Security Impact: Remote: Arbitrary Code Execution, Compromise of System Integrity, Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Compute Scale-up Server 3200 - Prior to v1.76.44 HPE Compute Scale-up Server 3250 - Prior to v1.02.48 CVSS Scores:...
CVE-2026-22097
The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability to upload arbitrary files which can then lead to arbitrary code execution...