Lucene search
K

567 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39033

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net: dsa: microchip component where the ksz ptp irq setup function fails to dispose of a newly created IRQ mapping if the request threaded irq function fails durin...

5.8AI score0.00122EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2026/05/07 8:7 a.m.12 views

mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()

...

8.4CVSS5.8AI score0.00131EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-37614

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access issue exists in the mchp ipc get cluster aggr irq function. The cluster cfg array, which is dynamically allocated for per-CPU configuration structures based on th...

8.4CVSS7.4AI score0.00131EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/05/03 11:59 p.m.4 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Net: DSA: Microchip: Kszcommon: Fixed the refcount leak bug. In kszswitchregister, we should call ofnodeput for the reference returned by ofgetchildbyname, which has increased the refcount...

5.5CVSS6.3AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/16 6:31 p.m.5 views

EUVD-2026-23272

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References2
NVD
NVD
added 2026/04/16 6:16 p.m.5 views

CVE-2026-2336

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/16 5:2 p.m.3 views

CVE-2026-2336 Weak webstax_auth Cookie Authentication Allows Privilege Escalation

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References1
CVE
CVE
added 2026/04/16 5:2 p.m.11 views

CVE-2026-2336

CVE-2026-2336 describes a privilege escalation in Microchip IStaX where an authenticated low-privilege user can extract the shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges. Affected product: IStaX (before 2026.03). T...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/16 5:2 p.m.3 views

CVE-2026-2336

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/16 5:2 p.m.28 views

CVE-2026-2336 Weak webstax_auth Cookie Authentication Allows Privilege Escalation

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS0.00202EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.6 views

PT-2026-33346

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: microchip: mpfs: Fix memory leak in mpfssyscontrollerprobe In mpfssyscontrollerprobe, if ofgetmtddevicebynode fails, the function returns immediately witho...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/04/03 4:16 p.m.4 views

UBUNTU-CVE-2026-23464

In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfssyscontrollerprobe In mpfssyscontrollerprobe, if ofgetmtddevicebynode fails, the function returns immediately without freeing the allocated memory for syscontroller, leading to a memor...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/03 3:15 p.m.17 views

CVE-2026-23464 soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()

In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfssyscontrollerprobe In mpfssyscontrollerprobe, if ofgetmtddevicebynode fails, the function returns immediately without freeing the allocated memory for syscontroller, leading to a memor...

0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/29 11:13 a.m.2 views

CVE-2025-9497

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

9.8CVSS5.9AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/28 12:30 p.m.4 views

EUVD-2025-209112

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

7CVSS5.9AI score0.00262EPSS
Exploits0References2
NVD
NVD
added 2026/03/28 11:16 a.m.10 views

CVE-2025-9497

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

9.8CVSS0.00262EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/28 10:58 a.m.3 views

CVE-2025-9497

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

7CVSS5.9AI score0.00262EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/28 10:58 a.m.27 views

CVE-2025-9497 Hardcoded Upgrade Decryption Passwords

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

7CVSS0.00262EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/28 10:58 a.m.2 views

CVE-2025-9497 Hardcoded Upgrade Decryption Passwords

Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...

7CVSS5.9AI score0.00262EPSS
Exploits0References2
Rows per page
Query Builder