245 matches found
EUVD-2025-197902
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50ABVY.6.3C0 and earlier could allow an authenticated attacker to execute operating system OS commands on an affected device...
CVE-2025-8693
Zyxel DX3300-T0 firmware versions prior to 5.50(ABVY.6.3)C0 are affected by a post-authentication command-injection vulnerability in the priv parameter that could allow an authenticated attacker to execute OS commands. The PT-2025-47237 entry confirms the affected firmware range and the impact. R...
CVE-2025-8693
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50ABVY.6.3C0 and earlier could allow an authenticated attacker to execute operating system OS commands on an affected device...
PT-2025-47237
Name of the Vulnerable Software and Affected Versions Zyxel DX3300-T0 firmware versions prior to 5.50ABVY.6.3C0 Description A post-authentication command injection issue exists in the priv parameter. Successful exploitation allows an authenticated attacker to execute operating system OS commands ...
Zyxel DX3300-T0 操作系统命令注入漏洞
The Zyxel DX3300-T0 is a small wireless WiFi router from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel DX3300-T0 5.50 ABVY.6.3 C0 and earlier versions, which stems from the presence of post-authentication command injection in the priv parameter, which...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990862)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990862 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiexgetprivbyid mwifiexgetprivbyid returns the pri...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989447)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989447 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx4en: Fix an use-after-free bug in mlx4entryallocresources In mlx4entryallocresources,...
PT-2025-49092
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the Linux kernel related to the imx sc key module. The issue occurs because the address of a variable priv is incorrectly passed to the imx sc key...
CVE-2025-54957
An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evopriv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length calculation for a write can...
PT-2025-42572
Name of the Vulnerable Software and Affected Versions Dolby UDC versions 4.5 through 4.13 Description An out-of-bounds write exists in the Dolby Unified Decoder UDC when processing malformed Dolby Digital Plus DD+ bitstreams. The issue occurs in the evo priv.c file during the processing of...
SUSE CVE-2023-53649
In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel-priv area In 3cb4d5e00e037c70 "perf trace: Free syscall tp fields in evsel-priv" it only was freeing if strcmpevsel-tpformat-system, "syscalls" returned zero, while the corresponding initializati...
UBUNTU-CVE-2023-53649
In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel-priv area In 3cb4d5e00e037c70 "perf trace: Free syscall tp fields in evsel-priv" it only was freeing if strcmpevsel-tpformat-system, "syscalls" returned zero, while the corresponding initializati...
CVE-2023-53649 perf trace: Really free the evsel->priv area
In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel-priv area In 3cb4d5e00e037c70 "perf trace: Free syscall tp fields in evsel-priv" it only was freeing if strcmpevsel-tpformat-system, "syscalls" returned zero, while the corresponding initializati...
CVE-2023-53649
CVE-2023-53649 concerns a memory-leak in the Linux kernel related to perf trace. The described fix corrects how the evsel->priv area is freed: previously, freeing occurred only when evsel->tp_format->system compared to 'syscalls' yielded zero, but evsel->priv could be non-zero in othe...
CVE-2022-50513 staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtwinitcmdpriv In rtwinitcmdpriv, if pcmdpriv-rspallocatedbuf is allocated in failure, then pcmdpriv-cmdallocatedbuf will be not properly released. Besides, considering there are...
EUVD-2016-4772
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987133)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987133 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx4en: Fix an use-after-free bug in mlx4entryallocresources In mlx4entryallocresources,...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-381016)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-381016 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: set priv-pdev before using it priv-pdev pointer was set after being used in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986493)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986493 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiexgetprivbyid mwifiexgetprivbyid returns the pri...
EUVD-2022-47955
Malicious code in bioql PyPI...