29 matches found
UBUNTU-CVE-2026-23472
In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...
Information Exposure
Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Information Exposure via the exposed endpoints /skServer/serialports, /skServer/availablePaths, and /skServer/hasAnalyzer that are not protected by authentication...
GHSA-FPF5-W967-RR2M Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints
Note This is a separate issue from the RCE vulnerability State Pollution currently being patched. While related to tokensecurity.js, it involves different endpoints and risks. Summary An unauthenticated information disclosure vulnerability allows any user to retrieve sensitive system information,...
Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints
Note This is a separate issue from the RCE vulnerability State Pollution currently being patched. While related to tokensecurity.js, it involves different endpoints and risks. Summary An unauthenticated information disclosure vulnerability allows any user to retrieve sensitive system information,...
CVE-2021-35520
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports...
GHSA-49JC-R788-3FC9 gix refs and paths with reserved Windows device names access the devices
Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...
RUSTSEC-2024-0351 Refs and paths with reserved Windows device names access the devices
Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...
RUSTSEC-2024-0353 Refs and paths with reserved Windows device names access the devices
Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...
RUSTSEC-2024-0352 Refs and paths with reserved Windows device names access the devices
Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...
Fedora: Security Advisory for jssc (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: jssc-2.8.0-30.fc40
jSSC Java Simple Serial Connector - library for working with serial ports from Java...
Korenix JetWave Command Injection / Denial Of Service Exploit
Multiple versions of Korenix JetWave suffer from authenticated command injection and denial of service vulnerabilities. ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| JetWave4221 HP-E, JetWave 2212G, JetWave 2212X/2212S, |...
The vulnerability of Linux operating system’s socket ports, related to the use of memory after it is freed, allows attackers to increase their privileges.
The vulnerability of Linux operating system’s serial ports is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2021-35520
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports...
CVE-2021-35520
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports...
Buffer overflow
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports...
CVE-2021-35520
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports...
kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c
A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports 0x2E8, 0x2F8, 0x3E8, 0x3F8 are not available. This flaw allows a local user to crash the system. The highest threat from this...
Emerson 396359-32-9 ControlWave CPU module Detection
Binary data 756536.prm...
CVE-2017-18079
A flaw was found in the Linux kernel's implementation of i8042 serial ports. An attacker could cause a kernel panic if they are able to add and remove devices as the module is loaded...