753 matches found
CVE-2026-9274
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
CVE-2026-9274
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
CVE-2026-9274 Information Exposure Vulnerability in CP-Plus Wi-Fi Camera
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
exploits
Exploits Exploits and proof-of-concept code from the team at...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baudbase can result in uartclk being zero, which will cause a divide by zero error in uartgetdivisor. The check for uartclk...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tty: pcnuart: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must also call dput, otherwise a memory leak will occur over time. To simplify things, simply call...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: w1: fixed NULL pointer dereferencing in the probe. The w1uartprobe function calls w1uartserdevopen which includes devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This order can lead to a NULL...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Update uartdriverregistered upon driver removal. The removal of the last MAX3100 device triggers the removal of the corresponding driver. However, the code does not update the respective global variable. After th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciuart: added a missing NULL check in h5enqueue. Syzbot encountered a general protection fault in pmruntimeresume. The problem was due to a missing NULL check. hu-serdev can be NULL, and we should not blindly pass...
CVE-2026-36738
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...
CVE-2026-36742
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected hidden/debug mode...
EUVD-2026-30045
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected hidden/debug mode...
CVE-2026-36742
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected hidden/debug mode...
CVE-2026-36738
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...
CVE-2026-36742
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected hidden/debug mode...
CVE-2025-4386 Medtronic MyCareLink Patient Monitor Hardware Debug Port
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....
CVE-2025-4386 Medtronic MyCareLink Patient Monitor Hardware Debug Port
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....
CVE-2025-4386
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....
SUSE CVE-2026-43032
In the Linux kernel, the following vulnerability has been resolved: NFC: pn533: bound the UART receive buffer pn532receivebuf appends every incoming byte to dev-recvskb and only resets the buffer after pn532uartrxisframe recognizes a complete frame. A continuous stream of bytes without a valid...
CVE-2026-43061 serial: 8250: Fix TX deadlock when using DMA
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA dmaengineterminateasync does not guarantee that the dmatxcomplete callback will run. The callback is currently the only place where dma-txrunning gets cleared. If the transaction is...