The vulnerability of the thermaldebug_cdevremove() function in the Linux operating system’s temperature sensor driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the thermaldebugcdevremove function in the drivers/thermal/thermaldebugfs.c file of the Linux operating system’s temperature sensor driver is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allo...

[SECURITY] Fedora 40 Update: qt6-qtsensors-6.7.1-1.fc40

The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for devices...

CVE-2024-33471

AVTECH Room Alert 4E v4.4.0 is affected by a Sensor Settings vulnerability that allows an attacker to access SMTP credentials in plaintext via a crafted AJAX request. This affects devices no longer supported by the maintainer. CVSSv3.1: 7.2 (HIGH) with Network attack vector, low complexity, requi...

CVE-2024-33471

An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

SUSE CVE-2021-47385

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83792d Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 from device then Null pointer dereference occurs. I...

PT-2024-25276 · Avtech · Avtech Room Alert 4E

Name of the Vulnerable Software and Affected Versions: AVTECH Room Alert 4E version 4.4.0 Description: An issue in the Sensor Settings allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request to an unspecified API endpoint. This issue only affects products that...

TotalCloud Container Security Best Practices

Qualys Container Security CS, an integral part of TotalCloud 2.0, provides a comprehensive view of the security posture of containerized applications. Operationalizing a new technology tool in an enterprise often presents its own challenges. This blog seeks to help the operations team familiarize...

CVE-2024-33903

In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians or bicycles, in part because the collision sensor function is not exposed to the Blueprint library...

CVE-2024-33903

In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians or bicycles, in part because the collision sensor function is not exposed to the Blueprint library...

CVE-2024-33903

In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians or bicycles, in part because the collision sensor function is not exposed to the Blueprint library...

CARLA Simulator 安全漏洞

CARLA Simulator is a CARLA open source simulator for autonomous driving research. A security vulnerability exists in CARLA Simulator version 0.9.15.2 and prior versions, which stems from the collision sensor functionality not being disclosed to the Blueprint Library...

CVE-2024-33903

In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians or bicycles, in part because the collision sensor function is not exposed to the Blueprint library...

CVE-2024-33903

CARLA up to 0.9.15.2 has a collision sensor issue that mishandles certain pedestrian/bicycle scenarios because the collision sensor function is not exposed to the Blueprint library. The vulnerability affects the sensor component and could impact integrity in related processes; access is not descr...

PT-2024-25538 · Carla · Carla

Name of the Vulnerable Software and Affected Versions: CARLA versions 0.9.15.2 and earlier Description: The collision sensor in CARLA mishandles certain situations involving pedestrians or bicycles. This issue arises because the collision sensor function is not exposed to the Blueprint library...

OESA-2024-1483 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in functions imgi2cxfer and...

Expanding coverage with Linux runtime

Wiz announces its Runtime Sensor for Linux, expanding coverage of threat detection and response for cloud workloads...

SUSE CVE-2024-26702

In the Linux kernel, the following vulnerability has been resolved: iio: magnetometer: rm3100: add boundary check for the value read from RM3100REGTMRC Recently, we encounter kernel crash in function rm3100commonprobe caused by out of bound access of array rm3100samprates because of underlying...

sensor-instruments.de Cross Site Scripting vulnerability OBB-3899568

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-2021-47133

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix memory leak in amdsfhwork Kmemleak tool detected a memory leak in the amdsfh driver. ==================== unreferenced object 0xffff88810228ada0 size 32: comm "insmod", pid 3968, jiffies 4295056001 age 775.792s h...

PT-2025-2514 · Qualcomm · Qualcomm Embedded Platform Microcode

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform microcode affected versions not specified Description: The issue is related to a memory corruption problem that occurs when parsing memory map information in IOCTL calls. This can be exploited to impact the...