29 matches found
Synergistic Development of Cybersecurity and Functional Safety for Smart Electric Vehicles
The introduction of Smart Electric Vehicles (SEVs) represents an increasing disruption in the automotive area, as it integrates advanced computer and communication technologies into highly electrical cars, which come with high-performance, environmentally friendly and user-friendly characteristics. But th...
EUVD-2024-29856
Malicious code in bioql PyPI...
USN-7489-2: Linux kernel (Real-time) vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Timer subsystem; CVE-2025-21813...
USN-7494-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; CVE-2023-52664, CVE-2023-52927...
USN-7492-2: Linux kernel (Real-time) vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Bluetooth drivers; CVE-2024-56653...
USN-7453-1: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...
USN-7406-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...
USN-7402-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...
USN-7383-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...
USN-7323-1: Linux kernel vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the Linux kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code...
USN-7169-5: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...
Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: i40e: fix race condition by adding filter's intermediate sync state (CVE-2024-53088); kernel: mptcp: cope racing subflow creation in...
Understanding the threat landscape and risks of OT environments
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Chris Sistrunk, Technical Manager in...
picoTCP Input Validation Error Vulnerability
picoTCP is software from the Altran EESY Belgium community that provides TCP/IP protocol support for real-time systems. An input validation error vulnerability exists in picoTCP version 1.7.0, which arises from a network system or product that does not properly validate...
The vulnerability of the IPv4 protocol for real-time operating systems like Wind River VxWorks allows attackers to execute arbitrary code.
The vulnerability of the IPv4 protocol for real-time operating systems like Wind River VxWorks stems from buffer overflows in the stack during the parsing of IP packets. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted IPv4 packets...
CVE-2014-3788
Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request...
Command injection
GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors...
CVE-2014-3789
CVE-2014-3789 affects Cogent Real-Time Systems’ Cogent DataHub web server. The vulnerability lies in GetPermissions.asp, where insecure use of the datahub_command function with user-supplied input enables remote command execution. Public sources indicate this could be exploited remotely and led t...
Null pointer dereference
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text...
Command injection
The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service incorrect pointer access and client cra...