455 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53254
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol- specific structs without validating skb-len first. A...
CVE-2026-53254
A flaw was found in the Linux kernel's Bluetooth RFCOMM Radio Frequency Communication subsystem. A malicious remote device could exploit this vulnerability by sending specially crafted, truncated Multiplexing Control Channel MCC frames. This lack of proper validation of incoming data length befor...
UBUNTU-CVE-2026-53254
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...
EUVD-2026-39205
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...
CVE-2026-53254
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...
PT-2026-52349
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description RFCOMM MCC handlers cast skb-data to protocol-specific structs without first validating skb-len. This allows a malicious remote device to send truncated MCC frames, triggering...
CVE-2026-43325
A flaw was found in the Linux kernel's iwlwifi driver. This vulnerability occurs when the driver attempts to send a Wi-Fi 6E 6th Generation Extended related command, specifically MCCALLOWEDAPTYPECMD, to a device that does not support Wi-Fi 6E. Due to the device's firmware mistakenly advertising...
CVE-2026-43325
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...
CVE-2026-43325
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iwlwifi mvm driver sending the MCCALLOWEDAPTYPECMD command on devices that do not support 6E,...
PT-2026-38976
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iwlwifi wireless driver within the mvm module. The driver sends the MCC ALLOWED AP TYPE CMD command, which is related to 6E support, even when the device does not...
Malicious code in mcc-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdebe75a625bd46c208016a8524101fa4abd3e66215fcc1bb509a7c235be3be8 The package mcc-data was found to contain malicious code...
MAL-2026-2370 Malicious code in mcc-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdebe75a625bd46c208016a8524101fa4abd3e66215fcc1bb509a7c235be3be8 The package mcc-data was found to contain malicious code...
PUB-A-439846057
In usimSendMCCMNCIndMsg of usimRegistration.c, there is a possible out of bounds write due to memory corruption. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-1977
The CVE-2025-1977 entry affects the NPort 6100-G2/6200-G2 Series. It is an execution with unnecessary privileges vulnerability where an authenticated user with read-only access can perform unauthorized MCC (Moxa CLI Configuration) changes remotely over the network under specific system conditions...
PT-2025-54288
The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...
CVE-2025-38657
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89coremlsrswitch The "linkid" value comes from the user via debugfs. If it's larger than BITSPERLONG then that would result in shift wrapping and potentially an out of bounds access...
CVE-2025-38657 wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch()
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89coremlsrswitch The "linkid" value comes from the user via debugfs. If it's larger than BITSPERLONG then that would result in shift wrapping and potentially an out of bounds access...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible shift overflow in rtw89 mcc in mlsrswitch, resulting in out-of-bounds access...
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method Path.Combine from .NET without proper sanitisation. This yields the possibility of including local files, as...