13 matches found
CVE-2026-3229
An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...
CVE-2026-3229
An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
Delta Electronics ASDA-Soft
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA...
CVE-2025-8557
An internal product security audit of Lenovo XClarity Orchestrator LXCO discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator LXCO network segment may be able to manipulate the local device to create an alternate communication channel...
CVE-2025-8557
An internal product security audit of Lenovo XClarity Orchestrator LXCO discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator LXCO network segment may be able to manipulate the local device to create an alternate communication channel...
CVE-2025-8557
An internal product security audit of Lenovo XClarity Orchestrator LXCO discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator LXCO network segment may be able to manipulate the local device to create an alternate communication channel...
Delta Electronics CNCSoft-G2
RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on affected installations of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds...
INVT VT-Designer and HMITool
RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code in the context of the current process. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...
CVE-2021-41810
Script injection in M-Files Admin versions before 22.2.11051.0, allows executing stored script in admin tool. M-Files Admin tool allows storing configuration data with script which may then get run by another vault administrator. Requires vault admin level authentication and is not remotely...
CVE-2018-6260
NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector...
UBUNTU-CVE-2018-6260
NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector...