Lucene search
+L

248 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43314

A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub2D568 of the component startjffs2. Performing a manipulation of the argument jffs2exec results in os command injection. Remote exploitation of the attack is possible. The exploit has be...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References6
NVD
NVD
added 5 days ago5 views

CVE-2026-15546

A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub2D568 of the component startjffs2. Performing a manipulation of the argument jffs2exec results in os command injection. Remote exploitation of the attack is possible. The exploit has be...

6.5CVSS0.0105EPSS
Exploits0References5
CVE
CVE
added 5 days ago9 views

CVE-2026-15546

The CVE-2026-15546 entry describes a remote OS command injection in Shibby Tomato up to 1.28.0000. Affected component: start_jffs2, function sub_2D568. Exploitation involves manipulating the argument jffs2_exec; exploit is public and may be used for attacks. CVSS data indicate network access with...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 5:16 p.m.11 views

CVE-2026-58454

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...

7.7CVSS0.00523EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 3:36 p.m.36 views

CVE-2026-58454 JAIOTlink C492A-W6 4.8.30.57701411 RCE via /Anyka/config Endpoint

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...

7.7CVSS0.00523EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 3:36 p.m.27 views

CVE-2026-58454

Affected product : JAIOTlink C492A-W6 Wi‑Fi IP cameras running firmware 4.8.30.57701411. Vulnerability : remote code execution via the authenticated /Anyka/config HTTP endpoint. Root cause / vector : attackers with authentication can write to writable persistent JFFS2 storage, stage a malicious s...

7.7CVSS6.6AI score0.00523EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 3:16 p.m.15 views

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

4.6CVSS0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46246

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

5.8AI score0.00145EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2domountfs. If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

5.5CVSS6.4AI score0.00259EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: jffs2: A use-after-free occurred in jffs2clearxattrsubsystem. When we mount a jffs2 image, it is assumed that the first few blocks of the image are normal and contain at least one xattr-related inode. However, the next block may ...

7.8CVSS6.1AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock, and some memory is added to the jffs2summary s, we can observe the following kmemleak report:...

5.5CVSS6.4AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompression memory corruption The rtime decompression routine does not fully check bounds during the entire decompression process. As a result, it may corrupt memory outside the decompression buffer if the...

7.8CVSS6.4AI score0.00215EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2dofillsuper. If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

5.5CVSS6.5AI score0.00252EPSS
Exploits0References1
Redos
Redos
added 2026/03/06 12:0 a.m.5 views

ROS-20260306-73-0022

A vulnerability in the jffs2preallocrawnoderefs function of the Linux kernel is related to a pointer dereference error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.5CVSS5.8AI score0.00178EPSS
Exploits0
OSV
OSV
added 2026/01/29 10:31 p.m.9 views

USN-7986-1 linux vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ceph distributed file system; - JFFS2 file system; - Timer subsystem; - USB sound devices; CVE-2024-26689,...

7.8CVSS6.7AI score0.03558EPSS
Exploits8References5
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: jffs2: check that the raw node was preallocated before writing the summary. Syzkaller detected a kernel bug in jffs2linknoderef, caused by a fault injection in jffs2preallocrawnoderefs. jffs2sumwritesumnode does not check the...

5.5CVSS6.3AI score0.00181EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38194)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38194 advisory. - In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were...

5.5CVSS5.4AI score0.00181EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38328)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38328 advisory. - In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs...

5.5CVSS5.5AI score0.00178EPSS
Exploits0References2
OSV
OSV
added 2025/12/03 10:10 a.m.14 views

USN-7774-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

7.8CVSS6.5AI score0.01345EPSS
Exploits8References143
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 2: kernel (TSSA-2025:0436)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0436 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

7.8CVSS6.7AI score0.0026EPSS
Exploits0References7
Rows per page
Query Builder