11583 matches found
CVE-2026-4930
SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...
CVE-2026-4930
CVE-2026-4930 concerns SIxG301’s SYMCRYPTO, a host-side hardware engine exposed to the PSA Crypto library to accelerate symmetric operations (AES and hashing). The reported issue is that DPA countermeasures on SYMCRYPTO can be weakened by forcing certain seed values if an attacker achieves code e...
EUVD-2026-39534
SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...
CVE-2026-4930 DPA Countermeasures weakening on Series 3 devices
SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...
Powertek Firmware <3.30.30 - Authorization Bypass
Powertek firmware multiple brands before 3.30.30 running Power Distribution Units are vulnerable to authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface /cgi/getparam.cgi with the tmpToken cookie set to an...
Eaton Intelligent Power Manager 1.6 - Directory Traversal
Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution. id: CVE-2018-12031 info: name: Eaton Intelligent Power Manager 1.6 - Directory Traversal author: daffainfo...
Altenergy Power Control Software C1.2.5 - Remote Command Injection
Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/settimezone parameter, because of settimezone in models/managementmodel.php. An attacker can potentially obtain sensitive information, modify data, and/or execut...
EUVD-2026-38924
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling devpmoppsetratedev, 0 drops the MMCX rail to MINSVS while the core clock frequency remains at its original highest rate. When runtime resum...
EUVD-2026-38919
In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on When PERST is deasserted twice assert - deassert - assert - deassert, a CBB Control Backbone timeout occurs at DBI register offset 0x8bc PCIEMISCCONTROL1OFF...
Security Bulletin: Multiple Vulnerabilities identified in IBM Cloud Pak System
Summary Vulnerabilities identified in Cloud Pak System. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-38716 DESCRIPTION: IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could disclose sensitive information about the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: clk: Obtain runtime PM information before traversing the tree to retrieve clksummary. Similar to the previous commit, we should ensure that all devices are resumed during runtime before printing the clksummary through debugfs...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89 – freed unused skb objects to prevent memory leaks. This prevents potential memory leaks under power-saving mode...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Revert “usb: typec: ucsi: add a common function ucsiunregisterconnectors”. The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: usb: dwc2: Fixed a device leak in hwenable upon suspend/resume. Every time the platform enters low-power mode, the PM suspend/resume routines call dwc2lowlevelhwenable - devmaddactionorreset. This adds a new device entry each...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: misc: alcorpci: Fix nullptrderef when there is no PCI bridge There is a issue with the ASPM optional capability checking function. A device may be directly connected to the root complex. In this case, bus-selfbridge will be...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron The pmruntimegetsync function will increment the PM usage counter even if it fails. Forgetting to replace this function with the newer pmruntimeresumeandget function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fixed the race condition related to resume-probe. A race condition related to resume-probe was identified in kernel version 7.0, with the commit 38fa29b01a6a “i2c: designware: Combine the init functions”...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Always detect conflicting inodes when logging inode refs After renaming an inode, either through the rename operation or through regular renames in multiple non-atomic steps, if two inodes exist and at least one of them is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa – Mitigation of integer overflows in DIVROUNDUP. Herbert notes that DIVROUNDUP may cause unnecessary overflows if the -keysize callback of an ecdsa implementation returns an unusually large value. Instead, Herbert...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not be fully flushed, an...