Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the handling of ICReq requests and queue removal in nvmet-tcp. This...

CVE-2026-43170

A flaw was found in the Linux kernel's USB DWC3 gadget driver. This vulnerability occurs when the dwc3gadgetvbusdraw function is called from an atomic context, which then invokes power management integrated circuit PMIC APIs that may cause the system to sleep. An attacker could exploit this...

CVE-2026-43170

CVE-2026-43170 affects the Linux kernel USB DWC3 gadget driver. The vulnerability arises when dwc3_gadget_vbus_draw() is called from atomic context and may invoke PMIC APIs that sleep, risking kernel panic. The fix moves vbus_draw to a workqueue context, mitigating sleep in atomic operations. Aff...

CVE-2026-31425

In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rdsibgetmr extracts the rdsibconnection from conn-ctransportdata and passes it to rdsibregfrmr for FRWR memory registration. On a fresh outgoing connection, ic...

CVE-2026-21382 Buffer Copy Without Checking Size of Input in Power Management IC

Memory Corruption when handling power management requests with improperly sized input/output buffers...

CVE-2020-36980

SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling...

CVE-2020-36980 SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path

SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling...

PT-2026-5003

SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling...

CVE-2023-31594

IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network...

EUVD-2025-142237

Malicious code in divata-tugabi-ic npm...

MAL-2025-174066 Malicious code in divata-tugabi-ic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c074d9f8576aa0a2934473e29b60a5865912f2a0a708ce8e3670c4fc26ffb258 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Cross-Site Request Forgery Vulnerabilities

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 suffer from a cross-site request forgery vulnerability that is caused by imprope...

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Information Disclosure Vulnerabilities (CNVD-2025-29078)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from a lack of authentication. An...

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Information Disclosure Vulnerabilities

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. An information disclosure vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which is caused by incorrect...

Unspecified vulnerability in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29079)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from a TLS configuration...

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Denial of Service Vulnerabilities

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 suffer from a denial of service vulnerability that stems from vulnerability to...

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Out-of-Bounds Write Vulnerabilities

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are vulnerable to an out-of-bounds write vulnerability that stems from the fact that...

Unspecified Vulnerabilities in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from multiple devices sharing the...

Unspecified vulnerability in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-27469)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which can be exploited by an attacker to cause a...

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Out-of-Bounds Write Vulnerabilities (CNVD-2025-27470)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are vulnerable to an out-of-bounds write vulnerability that stems from the fact that...