Lucene search
+L

6390 matches found

mscve
mscve
added 2026/06/10 8:4 a.m.10 views

spi: topcliff-pch: fix use-after-free on unbind

...

7.8CVSS5.8AI score0.00117EPSS
Exploits0
susecve
susecve
added 2026/06/10 2:25 a.m.10 views

SUSE CVE-2026-46326

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

8.4CVSS5.4AI score0.00132EPSS
Exploits0References3
osv
osv
added 2026/06/10 12:33 a.m.2 views

CVE-2026-45328 ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.9AI score0.00126EPSS
Exploits0References9
osv
osv
added 2026/06/09 4:22 p.m.16 views

USN-8412-1 qemu vulnerabilities

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly handled certain responses from an iSCSI server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary...

8.2CVSS7.7AI score0.04018EPSS
Exploits10References40
mscve
mscve
added 2026/06/09 2:0 p.m.11 views

Chromium: CVE-2026-11012 Use after free in Serial

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.4AI score0.00286EPSS
Exploits0
cvelist
cvelist
added 2026/06/09 12:25 p.m.33 views

CVE-2026-46326 iio: pressure: mprls0025pa: fix spi_transfer struct initialisation

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

8.4CVSS0.00132EPSS
Exploits0References4
debiancve
debiancve
added 2026/06/09 12:25 p.m.11 views

CVE-2026-46326

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

8.4CVSS5.3AI score0.00132EPSS
Exploits0
euvd
euvd
added 2026/06/09 12:25 p.m.13 views

EUVD-2026-35427

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

5.4AI score0.00132EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.15 views

PT-2026-47784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mprls0025pa pressure sensor driver where the spi transfer structure is not properly zeroed out before use, which can lead to undefined behavior during SPI transfer...

8.4CVSS5.8AI score0.00132EPSS
Exploits0References17
osv
osv
added 2026/06/08 3:46 p.m.2 views

CVE-2026-46296 spi: s3c64xx: fix NULL-deref on driver unbind

In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe back to s3c64xxspipreparetransfer failed to remove the corresponding deallocation from remove. Drop the bogus DMA channel release fro...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References9
redhatcve
redhatcve
added 2026/06/08 2:59 p.m.7 views

CVE-2026-40510

A flaw was found in OpenSC. A physically present attacker can exploit a stack buffer overflow vulnerability in the pivprocesshistory function by presenting a specially crafted Personal Identity Verification PIV smart card or USB device. This can lead to memory corruption within the system,...

6.8CVSS5.5AI score0.00216EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/07 4:47 a.m.11 views

CVE-2026-11012

An use after free flaw was found in the Serial component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497000161...

9CVSS5.4AI score0.00286EPSS
Exploits0References5
susecve
susecve
added 2026/06/07 4:42 a.m.11 views

SUSE CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00234EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/06 6:43 p.m.11 views

CVE-2026-47104

A flaw was found in libusb. This out-of-bounds read vulnerability allows a local attacker, particularly in virtualized environments utilizing USB passthrough, to trigger a denial of service. By providing a malformed USB descriptor, the attacker can cause the software to read beyond its allocated...

5.5CVSS5.2AI score0.0013EPSS
Exploits0References8
redhatcve
redhatcve
added 2026/06/05 7:48 p.m.13 views

CVE-2026-36174

GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface...

4.6CVSS5.5AI score0.0014EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:40 p.m.10 views

CVE-2025-4386

Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.​...

6.8CVSS5.4AI score0.00157EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:35 p.m.12 views

CVE-2026-49192

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.4CVSS5.5AI score0.00138EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:21 p.m.9 views

CVE-2026-47272

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

7.1CVSS5.5AI score0.00119EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40851

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability...

8.4CVSS5.6AI score0.00133EPSS
Exploits0References1
osv
osv
added 2026/06/05 3:54 a.m.8 views

MINI-R232-QJ48-CMC3

Bulletin has no description...

6.5CVSS5.7AI score0.00196EPSS
Exploits0
Rows per page
Query Builder