Lucene search
K

4837 matches found

NVD
NVD
added 2 days ago8 views

CVE-2026-10663

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS0.00159EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-10663 Use-after-free / double-free of the root USB device in the experimental USB host stack

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS0.00159EPSS
Exploits0References2
CVE
CVE
added 2 days ago15 views

CVE-2026-10663

The vulnerability CVE-2026-10663 affects Zephyr’s experimental USB host stack (CONFIG_USB_HOST_STACK). freed root usb_device slab in usbh_device_disconnect() leaves ctx->root dangling; bus removal handler dev_removed_handler() uses ctx->root to decide teardown. Synthesis of DEV_REMOVED even...

6.1CVSS6.1AI score0.00159EPSS
Exploits0References2
The Hacker News
The Hacker News
added 4 days ago11 views

Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card's password to anything the attacker picks. No old password. No backup card. Once it is reset, whoever did it controls the wallet and...

6.1AI score
Exploits0
NVD
NVD
added 6 days ago7 views

CVE-2026-36028

A protection mechanism failure in the Code 27 Companion Hub allows an attacker with physical access to completely bypass kiosk restrictions via a factory reset...

6.8CVSS0.00237EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-56535

Name of the Vulnerable Software and Affected Versions Code 27 Companion Hub affected versions not specified Description A protection mechanism failure allows an attacker with physical access to completely bypass kiosk restrictions by performing a factory reset. Recommendations At the moment, ther...

6.8CVSS6.1AI score0.00237EPSS
Exploits0References6
CVE
CVE
added 6 days ago6 views

CVE-2026-36028

Technical details are not publicly available in the provided documents. Monitor for updates as no specific affected components, versions, or remediation are disclosed here.

6.8CVSS6AI score0.00237EPSS
Exploits0References3
NVD
NVD
added 2026/07/03 9:16 a.m.11 views

CVE-2026-35159

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure...

5.3CVSS0.0016EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:8 a.m.7 views

EUVD-2026-41525

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure...

5.3CVSS6AI score0.0016EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/03 8:8 a.m.39 views

CVE-2026-35159

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure...

5.3CVSS0.0016EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:8 a.m.7 views

CVE-2026-35159

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure...

5.3CVSS6AI score0.0016EPSS
Exploits0References2
CVE
CVE
added 2026/07/03 8:8 a.m.38 views

CVE-2026-35159

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure. Affects Dell Client Platform BIOS; root cause and remediation details ar...

5.3CVSS6AI score0.0016EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55515

Name of the Vulnerable Software and Affected Versions Dell Client Platform BIOS affected versions not specified Description An authentication bypass exists that allows an unauthenticated attacker with physical access to the system to potentially exploit the flaw, resulting in information...

5.3CVSS5.9AI score0.0016EPSS
Exploits0References7
NVD
NVD
added 2026/07/02 7:16 p.m.9 views

CVE-2026-13743

CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication...

5.2CVSS0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 6:35 p.m.8 views

CVE-2026-13743

CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication...

5.2CVSS5.9AI score0.00116EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 6:35 p.m.30 views

CVE-2026-13743

CVE-2026-13743 affects CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20. The issue is an improper verification of cryptographic signatures that allows an attacker with physical access to upload arbitrary malicious firmware without authentication. Per the sources, impact includes ...

5.2CVSS5.9AI score0.00116EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.10 views

PT-2026-55283

Name of the Vulnerable Software and Affected Versions CubeSpace CW0057 Reaction Wheel versions prior to 5.0.20 Description An improper verification of cryptographic signature allows an attacker with physical access to the product to upload arbitrary malicious firmware to the device without...

5.2CVSS6AI score0.00116EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 12:34 a.m.20 views

EUVD-2026-40591

Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40494

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...

4.6CVSS5.8AI score0.00134EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-13905

Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References1
Rows per page
Query Builder