150 matches found
Medtronic MyCareLink Patient Monitor 安全漏洞
Medtronic MyCareLink Patient Monitor is an open-source monitoring system developed by Medtronic in the United States. The Medtronic MyCareLink Patient Monitor has a security vulnerability, which stems from its internal serial interface. This vulnerability could allow attackers with physical acces...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: serial/pmaczilog: Removed the flawed mitigation for rx irq flood. The mitigation was intended to completely stop the irq. This might be better than using a hard lock-up, but it turns out that a crash still occurs if pmaczilog ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006786)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006786 advisory. In the Linux kernel, the following vulnerability has been resolved: serial/pmaczilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop t...
CVE-2026-30613
An information disclosure vulnerability exists in AZIOT 1 Node Smart Switch 16amp- WiFi/Bluetooth Enabled Software Version: 1.1.9 due to improper access control on the UART debug interface. An attacker with physical access can connect to the UART interface and obtain sensitive information from th...
CVE-2026-32291
The GL-iNet Comet GL-RM1 KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins...
EUVD-2026-12600
The GL-iNet Comet GL-RM1 KVM does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins...
CVE-2026-32291 GL-iNet Comet (GL-RM1) KVM unauthenticated root access via UART serial console
The GL-iNet Comet GL-RM1 KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins...
CVE-2026-32291
The GL-iNet Comet GL-RM1 KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins...
CVE-2026-32291
The CVE-2026-32291 issue affects GL-iNet Comet KVM (GL-RM1) prior to firmware 1.8.2, where the UART serial console does not require authentication. An attacker with physical access can connect to UART pins to gain root-level access. The Red Hat and ENISA entries corroborate this UART-authenticati...
PT-2026-25913
CVE-2026-32291 The GL-iNet Comet GL-RM1 KVM does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UA… https://t.co/3nIVbSAO2u...
GL-iNet Comet 安全漏洞
GL-iNet Comet is a portable, multi-functional network device developed by GL-iNet Corporation in China. There is a security vulnerability present in GL-iNet Comet, which stems from the UART serial console lacking authentication. This allows attackers with physical access to the device to connect ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003399)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003399 advisory. The usbserialconsoledisconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service...
CVE-2022-50927
Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricte...
CVE-2022-50927
Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricte...
CVE-2022-50927
CVE-2022-50927 affects Cyclades Serial Console Server 3.3.0. The vulnerability is a local privilege escalation caused by overly permissive sudo privileges granted to the admin user and admin group. An attacker could exploit the default user configuration to obtain root access by manipulating syst...
CVE-2022-50927 Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation
Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricte...
PT-2026-2403
Name of the Vulnerable Software and Affected Versions Cyclades Serial Console Server version 3.3.0 Description The Cyclades Serial Console Server has a local privilege escalation issue. The problem stems from overly permissive sudo privileges granted to the admin user and admin group. An attacker...
Cyclades Serial Console Server 安全漏洞
Cyclades Serial Console Server is a serial console server appliance from Cyclades USA. A security vulnerability exists in Cyclades Serial Console Server version 3.3.0, which stems from overly lax sudo privileges that could lead to local elevation of privilege...
CVE-2021-27952
Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a threat actor to gain access to the password-protected bootloader environment through the serial console...
SUSE SLES16 Security Update : grub2 (SUSE-SU-2025:21212-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21212-1 advisory. Changes in grub2: - CVE-2025-54771: Fixed grubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-54770:...