21 matches found
CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE
OpenSC is a set of open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time a user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires a crafted USB device or smart card that wou...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly locking hdev to handle HCI_EV_NUM_COMP_PKTS events, which could lead to a use-after-free...
EUVD-2019-15191
Malware in sbrugna...
CVE-2025-48756
In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits, e.g., 5 bits for group number...
CVE-2023-53120
CVE-2023-53120 relates to the Linux kernel SCSI mpi3mr driver: a DMA memory leak in the config page, addressed by fixes that ensure pending DMA allocations are freed when the device is released. The root cause involves DMA memory not being properly released, with patches referenced in stable kern...
CVE-2022-43495
OpenHarmony-v3.1.2 and prior versions had a DoS vulnerability in distributedhardware_device_manager when joining a network. Network attackers can send an abnormal packet when joining a network, causing a nullptr reference and device reboot...
FATEK FvDesigner Security Vulnerability
FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execut...
FATEK FvDesigner Security Vulnerability
FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that originates from not properly initializing a pointer before accessing it. An attacker can exploit the vulnerabilit...
FATEK FvDesigner Security Vulnerability
FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execut...
FATEK FvDesigner Security Vulnerability
FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execut...
CVE-2022-43495 An abnormal packet received when distributedhardware_device_manager joining a network could cause a device reboot.
OpenHarmony-v3.1.2 and prior versions had a DoS vulnerability in distributedhardware_device_manager when joining a network. Network attackers can send an abnormal packet when joining a network, causing a nullptr reference and device reboot...
OpenHarmony Code Issue Vulnerability
OpenHarmony is an open source Hongmeng operating system project of China's OpenAtom Foundation. A security vulnerability exists in OpenHarmony-v3.1.2 and earlier versions, which stems from a DoS vulnerability in the Distributed Hardware Device Manager when...
Unspecified Vulnerability in Netgear NETGEAR (CNVD-2021-103082)
Netgear NETGEAR is a router from the American company Netgear, a hardware device that connects two or more networks and acts as a gateway between networks. Certain NETGEAR devices have a security vulnerability that can be exploited by an attacker to escalate privileges...
B. Braun SpaceCom2 input validation error vulnerability
B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to an external device to record data in a patient data management system, PC, or USB memory stick. A remote, unauthenticated attacker could use this vulnerability to gain user-level command-line access by passing a raw extern...
NETGEAR Multiple Products Command Injection Vulnerability
Netgear NETGEAR is a router from Netgear, Inc., a hardware device that connects two or more networks and acts as a gateway between networks. Several NETGEAR devices have a security vulnerability that stems from the product's failure to filter special characters in user input data, which could allo...
Netshield NANO OS Command Injection Vulnerability
Netshield NANO is a hardware device from the American company Netshield. It provides network protection functionality. The Netshield NANO 25 10.2.18 devices suffer from an operating system command injection vulnerability that stems from the insecure use of system C library function...
Winston Privacy Elevation of Privilege Vulnerability
Winston Privacy is a hardware VPN device from the American company Winston Privacy. Winston version 1.5.4 suffers from an elevation of privilege vulnerability that stems from the device having an over-authorized local www-data user, resulting in root privilege escalation. No detailed vulnerabilit...
CVE-2019-15099
A null pointer dereference flaw was discovered in the Linux kernel's implementation of the ath10k USB device driver. The vulnerability requires the attacker to plug in a specially crafted hardware device that presents endpoint descriptors that normal ath10k devices do not recognize. System...
CVE-2019-5616
CVE-2019-5616 affects CircuitWerkes Sicon-8, a hardware device with a web-based front-end. The vulnerability is a client-side authentication flaw implemented in JavaScript running in the user’s browser, resulting in a read-only authentication bypass. According to the available sources, this is ne...