Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure

Electrolink transmitters store credentials in clear-text. Use of these credentials could allow an attacker to access the system. id: CVE-2024-3742 info: name: Electrolink FM/DAB/TV Transmitter controlloLogin.js - Credentials Disclosure author: Farish severity: high description: | Electrolink...

CVE-2025-41278

Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Host...

CVE-2025-41278

Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Host...

Waterfall WF-500 操作系统命令注入漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. Version 7.9.1.0 R2502171040 of the Waterfall WF-500 RX Host contains an operating system command injection vulnerability. This...

Waterfall WF-500 缓冲区错误漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. In the version 7.10.0.0 R2601141040 of the Waterfall WF-500 RX Host, there is a buffer error vulnerability. This vulnerability stems...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mpblk: Add fdcc clock to hdmimix domain According to the i.MX8MP RM and HDMI specifications, the fdcc clock is part of the HDMI RX verification IP. This clock should not be enabled for HDMI TX...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduced a timeout when waiting for the transmitter to become empty By waiting for at most 1 second until the USR2TXDC is set, we can avoid a potential deadlock. In case of a timeout, there’s not much we can do;...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in the successful path. Setting tty-discdata before opening the NCI device means that we need to clean up the state in error paths. This also creates a short window during which the device ma...

CVE-2026-23277

CVE-2026-23277 (TEQL NULL pointer dereference in iptunnel_xmit) is fixed in Linux kernel TEQL transmit path. When a GRE Gretap tunnel is TEQL slave, teql_master_xmit() transmits via netdev_start_xmit() without updating skb->dev to the slave. iptunnel_xmit then uses the original dev from skb-&g...

Artificial Noise Versus Artificial Noise Elimination: Redefining Scaling Laws of Physical Layer Security

Artificial noise AN is a key physical-layer security scheme for wireless communications over multiple-input multiple-output wiretap channels. Recently, artificial noise elimination ANE has emerged as a strategy to mitigate the impact of AN on eavesdroppers. However, the influence of ANE on the...

PT-2026-4680

A vulnerability was detected in Beetel 777VR1 up to 01.00.09/01.00.09 55. Impacted is an unknown function of the component UART Interface. The manipulation results in missing authentication. An attack on the physical device is feasible. This attack is characterized by high complexity. The...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003950)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003950 advisory. An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hciuartregisterdev fails in hciuartsetproto in...

CVE-2023-45396

An Insecure Direct Object Reference IDOR vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12...

EUVD-2023-60228

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

CVE-2023-53966

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

CVE-2023-53966

CVE-2023-53966 affects SOUND4 LinkAndShare Transmitter 1.1.2. It describes a format string vulnerability in getenv() usage where the attacker can manipulate the username environment variable to trigger memory stack overflows, potentially enabling arbitrary code execution and causing a crash. This...

CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

SOUND4 LinkAndShare Transmitter 格式化字符串错误漏洞

SOUND4 LinkAndShare Transmitter is a remote control communication component from SOUND4 France. A Formatting String Error vulnerability exists in SOUND4 LinkAndShare Transmitter version 1.1.2, which stems from a Formatting String vulnerability that could lead to a memory stack overflow...

PT-2025-52703

Name of the Vulnerable Software and Affected Versions SOUND4 LinkAndShare Transmitter version 1.1.2 Description SOUND4 LinkAndShare Transmitter version 1.1.2 contains a format string vulnerability. This allows attackers to trigger memory stack overflows through maliciously crafted environment...