185 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe/vf: Perform early GT MMIO initialization to read GMDID VFs need to communicate with the GuC to obtain the GMDID value and existing GuC functions used for...
CVE-2025-5747
WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this...
CVE-2021-34399
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure...
CVE-2021-23201
NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or...
CVE-2021-23219
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure...
CVE-2021-34400
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure...
CVE-2021-1125
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data...
STMicroelectronics X-CUBE-AZRTOS-WL 数字错误漏洞
STMicroelectronics X-CUBE-AZRTOS-WL is an Azure RTOS-based development kit for STM32 microcontrollers from STMicroelectronics, Switzerland. A numeric error vulnerability exists in STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0, which stems from an integer overflow in the PUT request function o...
DEBIAN-CVE-2023-52981
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference counting around the request object was broken. Fix it up. The context based search manages the...
CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...
CVE-2024-8356
Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. An attacker must first obtain the ability to execute...
Visteon Infotainment 数据伪造问题漏洞
Visteon Infotainment is an automotive infotainment system from Visteon Corporation. Visteon Infotainment suffers from a data forgery vulnerability that arises from insufficient authenticity verification of the firmware image provided during firmware updates to the VIP microcontroller, which could...
CVE-2024-48970
The ventilator's microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure...
CVE-2024-48970
The CVE-2024-48970 vulnerability affects Baxter Life2000 ventilators, specifically the ventilator’s microcontroller, which lacks memory protection. The issue arises because an attacker could access the internal JTAG interface and read/write flash memory with a standard debugging tool, potentially...
CVE-2024-48970 Life2000 Ventilator microcontroller lacks memory protection
The ventilator's microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure...
PT-2024-33305 · Unknown · Ventilator
Name of the Vulnerable Software and Affected Versions: Ventilator affected versions not specified Description: The ventilator's microcontroller lacks memory protection, allowing an attacker to connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debuggin...
kernel: drm/amd/display: Refactor DMCUB enter/exit idle interface
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface Why We can hang in place trying to send commands when the DMCUB isn't powered on. How We need to exit out of the idle state prior to sending a command, but the process tha...
Third party vulnerabilities in SICK CDE-100
The SICK CDE-100 uses the open-source libraries FreeRTOS, lwIP and MCU Boot. The used libraries contain vulnerabilities that affect the SICK CDE-100...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the i2c driver stm32f7 incorrectly preparing/canceling the clock during runtime suspend/resume...
AZL-50781 CVE-2024-46870 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 Why DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS...