CVE-2022-50157

In the Linux kernel, the following vulnerability has been resolved: PCI: microchip: Fix refcount leak in mcpcieinitirqdomains ofgetnextchild returns a node pointer with refcount incremented, so we should use ofnodeput on it when we don't need it anymore. mcpcieinitirqdomains only calls ofnodeput ...

USN-7513-5 linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

Ubuntu 24.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7524-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7524-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

CVE-2024-7801

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Microchip TimeProvider 4100 Data plot modules allows SQL Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

CVE-2024-43687

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

CVE-2024-9054

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection', Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 Configuration modules allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before...

CVE-2024-22216

In default installations of Microchip maxView Storage Manager for Adaptec Smart Storage Controllers where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 exce...

CVE-2024-29155

On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a second PairReqNoInputNoOutput request just after a real one, causing the pair request to be blocked...

CVE-2024-43686

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 data plot modules allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

CVE-2022-46401

The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 accepts PauseEncReqPlainText before pairing is complete...

CVE-2022-40022

Microchip Technology Microsemi SyncServer S650 was discovered to contain a command injection vulnerability...

CVE-2022-46400

The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 allows attackers to bypass passkey entry in legacy pairing...

CVE-2022-45191

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values...

CVE-2022-45190

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device...

CVE-2022-46402

The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 accepts PairConrmSend with incorrect values...

CVE-2022-46399

The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 is unresponsive with ConReqTimeoutZero...

CVE-2022-45192

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request...

CVE-2022-46403

The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 mishandles reject messages...

CVE-2021-37605

In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check MIC bytes...

CVE-2020-12789

The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets...