1827 matches found
CVE-2026-21378 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21376 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21376 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21376
CVE-2026-21376 : Memory corruption occurs when an output buffer is accessed during IOCTL processing in a camera sensor driver without validating its size. Root cause is missing validation of the output buffer size. Documented impact includes high confidentiality, integrity, and availability conce...
CVE-2026-21374 Buffer Over-read in Camera
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
CVE-2026-21374 Buffer Over-read in Camera
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
CVE-2026-21374
CVE-2026-21374 describes memory corruption in the camera path due to insufficient buffer size validation when processing auxiliary sensor input/output control commands. The CVE is characterized as a buffer over-read in the camera subsystem, with a CVSSv3.1 base score of 7.8 (HIGH) and a Local att...
PT-2026-30647
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
PT-2026-30644
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from insufficient buffer size validation when processing commands for auxiliary sensor input/output control, potentially leading t...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There is a security vulnerability in Qualcomm Chipsets, which stems from the lack of size verification when accessing the output buffer during the IOCTL processing of the camera sensor driver. This...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There is a security vulnerability in Qualcomm Chipsets, which stems from the lack of size verification when accessing the output buffer during the IOCTL processing of the camera sensor driver. This...
[SECURITY] Fedora 43 Update: domoticz-2026.1-1.fc43
Domoticz is a Home Automation System that lets you monitor and configure vari ous devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more. Notifications/Alerts can be sent to any mobile device...
Cross-Site Scripting
Home Assistant is vulnerable to Cross Site Scripting. The vulnerability is due to the lack of output escaping or sanitization in the History-graph card, where an attacker can inject arbitrary tags that execute JavaScript by changing the name of a sensor to a malicious value...
Linux Distros Unpatched Vulnerability : CVE-2026-23323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added...
EUVD-2026-16775
Home Assistant has stored XSS in history-graphs...
CVE-2026-33045
Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02 and prior to version 2026.01 the "remaining charge time"-sensor for mobile phones imported/included from Android Auto it appears is vulnerable cross-site scripting, simila...
CVE-2026-33045 Home Assistant has stored XSS in history-graphs
Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02 and prior to version 2026.01 the "remaining charge time"-sensor for mobile phones imported/included from Android Auto it appears is vulnerable cross-site scripting, simila...
CVE-2026-33045 Home Assistant has stored XSS in history-graphs
Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02 and prior to version 2026.01 the "remaining charge time"-sensor for mobile phones imported/included from Android Auto it appears is vulnerable cross-site scripting, simila...
CVE-2026-33045
Home Assistant CVE-2026-33045 is a stored XSS vulnerability in the Energy dashboard triggered by an energy entity name. Affected versions are 2025.02 through 2026.00.x (prior to 2026.01); it is fixed in 2026.01. The issue arises when entity names containing HTML are rendered in graph tooltips, en...