2873 matches found
CVE-2022-49844 can: dev: fix skb drop check
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...
CVE-2022-49844 can: dev: fix skb drop check
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...
CVE-2022-49844 can: dev: fix skb drop check
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...
CVE-2022-49844
The collection confirms CVE-2022-49844 affects the Linux kernel CAN subsystem. The issue arises from reading priv->ctrlmode in virtual CAN interfaces (e.g., vcan, vxcan) when some interfaces do not create struct can_priv at startup, causing an out-of-bounds read and CAN frame drops. The refere...
Access Control Bypass
Overview browser-use is a Make websites accessible for AI agents Affected versions of this package are vulnerable to Access Control Bypass via the server's configuration, an attacker can access the debug port, which was inadvertently exposed on all network interfaces. Remediation Upgrade...
PT-2025-18561 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the CAN Controller Area Network device driver. The issue arises from an out-of-bounds read in the priv-ctrlmode...
CVE-2024-6030
Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24348
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...
CVE-2025-24347
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24349
CVE-2025-24349 affects the web application of ctrlX OS under the Network Interfaces feature. A remote authenticated (low-privilege) attacker can delete the configuration of physical network interfaces by sending a crafted HTTP request. The vulnerability is evidenced across multiple sources (NVD, ...
CVE-2025-24348
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...
CVE-2025-24348
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...
CVE-2025-24348
CVE-2025-24348 affects the web interface of ctrlX OS (Network Interfaces). A remote authenticated, low-privilege attacker can manipulate the wireless network configuration file using a crafted HTTP request. Exploitation status is not detailed in the provided docs; CVSS v3.1 base score is 5.4 (Med...
CVE-2025-24347
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...
CVE-2025-24347
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...
CVE-2025-24347
The CVE-2025-24347 issue affects the web application of ctrlX OS, specifically the Network Interfaces functionality. A remote authenticated (low-privileged) attacker can manipulate the network configuration file through a crafted HTTP request. The vulnerability is described across multiple source...
CVE-2025-23375
Dell PowerProtect Data Manager Reporting, versions 19.17, contains an Incorrect Use of Privileged APIs vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...