449 matches found
CVE-2026-43325
A flaw was found in the Linux kernel's iwlwifi driver. This vulnerability occurs when the driver attempts to send a Wi-Fi 6E 6th Generation Extended related command, specifically MCCALLOWEDAPTYPECMD, to a device that does not support Wi-Fi 6E. Due to the device's firmware mistakenly advertising...
CVE-2026-43325
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...
CVE-2026-43325
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...
PT-2026-38976
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCC ALLOWED AP TYPE CMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iwlwifi mvm driver sending the MCCALLOWEDAPTYPECMD command on devices that do not support 6E,...
MAL-2026-2370 Malicious code in mcc-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdebe75a625bd46c208016a8524101fa4abd3e66215fcc1bb509a7c235be3be8 The package mcc-data was found to contain malicious code...
Malicious code in mcc-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdebe75a625bd46c208016a8524101fa4abd3e66215fcc1bb509a7c235be3be8 The package mcc-data was found to contain malicious code...
PUB-A-439846057
In usimSendMCCMNCIndMsg of usimRegistration.c, there is a possible out of bounds write due to memory corruption. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-1977
The CVE-2025-1977 entry affects the NPort 6100-G2/6200-G2 Series. It is an execution with unnecessary privileges vulnerability where an authenticated user with read-only access can perform unauthorized MCC (Moxa CLI Configuration) changes remotely over the network under specific system conditions...
PT-2025-54288
The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...
CVE-2025-38657
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89coremlsrswitch The "linkid" value comes from the user via debugfs. If it's larger than BITSPERLONG then that would result in shift wrapping and potentially an out of bounds access...
CVE-2025-38657 wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch()
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89coremlsrswitch The "linkid" value comes from the user via debugfs. If it's larger than BITSPERLONG then that would result in shift wrapping and potentially an out of bounds access...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible shift overflow in rtw89 mcc in mlsrswitch, resulting in out-of-bounds access...
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method Path.Combine from .NET without proper sanitisation. This yields the possibility of including local files, as...
mcc-complete.com Cross Site Scripting vulnerability OBB-3900354
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Kardex Mlog MCC 5.7.12 Remote Code Execution
!/usr/bin/env python3 Exploit Title: Kardex Mlog MCC 5.7.12 - RCE Remote Code Execution Date: 12/13/2022 Exploit Author: Patrick Hener Vendor Homepage: https://www.kardex.com/en/mlog-control-center Version: 5.7.12+0-a203c2a213-master Tested on: Windows Server 2016 CVE : CVE-2023-22855 Writeup:...
Kardex Mlog MCC 5.7.12 - Remote Code Execution Exploit
!/usr/bin/env python3 Exploit Title: Kardex Mlog MCC 5.7.12 - RCE Remote Code Execution Date: 12/13/2022 Exploit Author: Patrick Hener Vendor Homepage: https://www.kardex.com/en/mlog-control-center Version: 5.7.12+0-a203c2a213-master Tested on: Windows Server 2016 CVE : CVE-2023-22855 Writeup:...
Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution
Remote Code Execution in Kardex MLOG ======================================================================= Product: Kardex Mlog MCC Vendor: Kardex Holding AG Tested Version: 5.7.12+0-a203c2a213-master Fixed Version: inline patch - no new version number Vulnerability Type: Improper Control of...
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method Path.Combine from .NET without proper sanitisation. This yields the possibility of including local files, as...
Design/Logic Flaw
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method Path.Combine from .NET without proper sanitisation. This yields the possibility of including local files, as...