43 matches found
EUVD-2023-56908
Malicious code in bioql PyPI...
EUVD-2025-9343
Malicious code in bioql PyPI...
SUSE CVE-2025-21977
In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot via EFI and have a standard EFI framebuffer device. When the kdump kernel runs in such a VM, loading the efifb driver may hang because of...
CVE-2025-21977 fbdev: hyperv_fb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs
In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot via EFI and have a standard EFI framebuffer device. When the kdump kernel runs in such a VM, loading the efifb driver may hang because of...
CVE-2025-21977 fbdev: hyperv_fb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs
In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot via EFI and have a standard EFI framebuffer device. When the kdump kernel runs in such a VM, loading the efifb driver may hang because of...
PT-2025-14358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A hang issue in the kdump kernel has been resolved when running on Hyper-V Gen 2 VMs. The problem occurs when the hyperv fb driver moves the framebuffer to a different MMIO address due t...
Telstra Smart Modem 安全漏洞
Telstra Smart Modem is a smart modem from Telstra. A security vulnerability exists in Telstra Smart Modem Gen 2 20250115 and earlier versions, which stems from the parameter Content-Disposition of the component HTTP Header Handler can lead to injection...
VulnCheck KEV: CVE-2023-43478
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code...
CVE-2023-50810
In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability exists in the U-Boot component of the firmware that allow persistent arbitrary code execution with Linux kernel privileges. A failure to correctly handle the return value of the setenv command can be used...
CVE-2024-36969 drm/amd/display: Fix division by zero in setup_dsc_config
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setupdscconfig When sliceheight is 0, the division by sliceheight in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a state...
CVE-2024-36969 drm/amd/display: Fix division by zero in setup_dsc_config
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setupdscconfig When sliceheight is 0, the division by sliceheight in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a state...
CVE-2023-43478
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43477
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
Command injection
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-43478 Unauthenticated configuration restore and firmware update
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43477 Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-43477
CVE-2023-43477 affects Telstra Smart Modem Gen 2 (Arcadyan LH1000). The flaw is in the web UI component ping_tracerte.cgi: the ping_from parameter is not properly sanitized before being used in a system call, enabling a authenticated user to perform a command injection as root on firmware versions
CVE-2023-43477 Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-4030
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt...
CVE-2023-4030
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt...