22 matches found
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.
...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read via the ptpunpackEOSFocusInfoEx function. An attacker can cause a crash and potentially access sensitive memory contents by supplying specially crafted input from a malicious USB device. Remediation A fix was pushed int...
CVE-2026-40225
A flaw was found in udev in systemd. A local user with access to malicious hardware devices can exploit this vulnerability. By providing unsanitized kernel output, the flaw allows for local root execution, leading to privilege escalation...
SUSE CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
EUVD-2026-21399
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
DEBIAN-CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
UBUNTU-CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
Incorrect Resource Transfer Between Spheres
Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the udev process. An attacker can gain local root execution by connecting malicious hardware devices that produce unsanitized kernel output. Remediation A fix was pushed into the master...
CVE-2026-40225
The CVE-2026-40225 entry concerns udev in systemd prior to 260, where local root access can result from malicious hardware devices and unsanitized kernel output. The vulnerability affects the systemd/udev component and is described with a CVSSv3.1 base score of 6.4 (MEDIUM), with attack vector Ph...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
systemd 安全漏洞
Systemd is a Linux-based system and service manager developed by Lennart Poettering of Germany. This product is compatible with SysV and LSB startup scripts, and it provides a framework for representing dependencies between system services. Prior to version 260, there were security vulnerabilitie...
PT-2026-31934
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2021-47770
OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...
CVE-2021-47770
OpenPLC v3 is affected by an authenticated remote code execution vulnerability. An attacker with valid credentials can inject malicious code via the hardware configuration interface by uploading a custom hardware layer containing embedded reverse shell code, which then initiates a network connect...
PT-2026-3795
Name of the Vulnerable Software and Affected Versions OpenPLC version 3 Description The software contains an authenticated remote code execution issue. An attacker with valid credentials can inject malicious code through the hardware configuration interface. This allows for the upload of a custom...