Lucene search
+L

54 matches found

nvd
nvd
added 6 days ago8 views

CVE-2026-38059

The iDirect iQ200 exposes the /api/identity and /api/ REST API endpoints without authentication. An unauthenticated attacker with network access can retrieve sensitive device information including the serial number, Device ID DID, Terminal Private Key identifier TPK, MAC address, and exact firmwa...

8.7CVSS0.00592EPSS
Exploits0References3
susecve
susecve
added 2026/06/26 2:8 a.m.6 views

SUSE CVE-2026-53266

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

6.8CVSS5.8AI score0.00129EPSS
Exploits0References10
osv
osv
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53211 netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftmetabridge: fix stale stack leak via IIFHWADDR register NFTMETABRIIIFHWADDR declares its destination register with len = ETHALEN 6 bytes, which the register-init tracking rounds up to two 32-bit registers 8 bytes...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References6
euvd
euvd
added 2026/06/25 8:39 a.m.9 views

EUVD-2026-39302

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftmetabridge: fix stale stack leak via IIFHWADDR register NFTMETABRIIIFHWADDR declares its destination register with len = ETHALEN 6 bytes, which the register-init tracking rounds up to two 32-bit registers 8 bytes...

5.7AI score0.00126EPSS
Exploits0References3
cve
cve
added 2026/06/25 8:39 a.m.23 views

CVE-2026-53211

CVE-2026-53211 (Linux kernel netfilter nft_meta_bridge) : The NFT_META_BRI_IIFHWADDR destination register is declared as 6 bytes but tracked as two 32-bit registers (8 bytes). In nft_meta_bridge_get_eval(), a memcpy writes 6 bytes of br_dev->dev_addr, leaving the upper 2 bytes of the second re...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References3Affected Software1
redhatcve
redhatcve
added 2026/06/24 3:36 p.m.7 views

CVE-2026-52937

A flaw was found in the Linux kernel's tap driver. This vulnerability allows an attacker to potentially disclose sensitive kernel stack memory contents to userspace. The flaw occurs in the tapioctl function when handling the SIOCGIFHWADDR command, where uninitialized portions of a stack-allocated...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References4
osv
osv
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS5.6AI score0.00112EPSS
Exploits0References6
debiancve
debiancve
added 2026/06/24 7:14 a.m.4 views

CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS5.7AI score0.00112EPSS
Exploits0
nvd
nvd
added 2026/05/27 11:16 a.m.15 views

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.5CVSS0.00117EPSS
Exploits0References8
cve
cve
added 2026/05/27 9:24 a.m.35 views

CVE-2026-45844

Summary: CVE-2026-45844 affects the Linux kernel netfilter arp_tables on IEEE1394 (FireWire) interfaces. The vulnerability arises because arp_packet_match() unconditionally parses the ARP payload assuming both source and target hardware addresses exist, while IPv4-over-IEEE1394 ARP omits the targ...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References8Affected Software1
attackerkb
attackerkb
added 2026/05/27 9:24 a.m.7 views

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.7AI score0.00117EPSS
Exploits0References6Affected Software1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: fixed a potential memory leak in octepdevicesetup. When errors such as unsupporteddev and mbox init occur, the variables oct-conf and iounmap oct-mmioi.hwaddr were not freed properly. This could lead to a memory leak...

5.5CVSS5.4AI score0.0014EPSS
Exploits0References2
cve
cve
added 2026/03/19 12:0 a.m.7 views

CVE-2025-67114

The CVE-2025-67114 affects the Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware, where a deterministic credential generation in /ftl/bin/calc_f2 allows remote attackers to derive valid admin/root credentials from the MAC address, enabling authentication bypass and full device access. Mi...

9.8CVSS5.9AI score0.00517EPSS
Exploits0References3
osv
osv
added 2026/01/04 12:15 a.m.4 views

CVE-2025-3654

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to device hardware information by exploiting insecure API endpoints. Attackers can retrieve device serial numbers and MAC addresses through...

9.8CVSS5.7AI score0.00241EPSS
Exploits0References2
nvd
nvd
added 2025/12/03 5:15 p.m.6 views

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

7.5CVSS0.00289EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/12/03 12:0 a.m.5 views

PT-2025-48965

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1280 and 2200 affected versions not specified Description An issue exists in the Camera component of Samsung Mobile Processors Exynos 1280 and 2200. An unnecessary registration of a hardware IP address within th...

7.5CVSS6.4AI score0.00289EPSS
Exploits0References7
cvelist
cvelist
added 2025/12/03 12:0 a.m.23 views

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

0.00289EPSS
Exploits0References2
cve
cve
added 2025/10/31 2:23 p.m.17 views

CVE-2025-64385

CVE-2025-64385 affects Circutor TCPRS1plus. The issue arises when configuring the device via UDP through the manufacturer’s software, where any aspect of the initial configuration can be changed by the device’s MAC address without authentication. The vulnerability is observed in the UDP configura...

9.2CVSS6.6AI score0.00498EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-0144

Malware in sbrugna...

9.1CVSS6AI score0.0121EPSS
Exploits1References8
cnvd
cnvd
added 2025/09/09 12:0 a.m.4 views

Google Android Information Disclosure Vulnerability (CNVD-2025-21348)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by a lack of permission checking in the audio service. An attacker can exploit the vulnerability to obtain the MAC address of a nearby...

5.5CVSS6.1AI score0.0007EPSS
Exploits0References1
Rows per page
Query Builder