CVE-2026-42510

A flaw was found in OpenStack Ironic. When configured with a console interface in a non-default setup, this vulnerability allows an attacker to execute ipmitool commands. This unauthorized execution can lead to remote management of the underlying hardware, potentially resulting in arbitrary code...

CVE-2005-1399

FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver...

CVE-2024-50266

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...

SUSE CVE-2024-50266

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...

UBUNTU-CVE-2024-50266

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...

CVE-2024-50266 clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...

CVE-2024-47079

Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not have proper checks to ensure a remote...

UBUNTU-CVE-2024-47079

Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not have proper checks to ensure a remote...

CVE-2024-47079 Unauthorized usage of remote hardware module because of missing channel verification

Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not have proper checks to ensure a remote...

CVE-2024-47079

The CVE-2024-47079 entry concerns Meshtastic firmware where the remote hardware module failed to validate incoming remote hardware control messages. Root cause: the validation checks were missing, allowing unauthorized usage of the remote hardware module. Impact: as described, potential improper ...

Medium: docker

Issue Overview: The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness. CVE-2018-10892 Affected...

Cross Site Scripting - Dokumentation, Analyse & Techniken

Document Title: =============== Cross Site Scripting - Dokumentation, Analyse & Techniken References: =========== https://www.vulnerability-lab.com/resources/documents/198.pdf https://de.wikipedia.org/wiki/Cross-SiteScriptingWeblinks ; Release Date: ============= 2011-07-19 Vulnerability Laborato...