CVE-2025-2919 Netis WF-2404 UART hardware allows activation of test or debug logic at runtime

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device...

CVE-2025-2919 Netis WF-2404 UART hardware allows activation of test or debug logic at runtime

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device...

PT-2025-13557 · Netis · Netis Wf-2404

Name of the Vulnerable Software and Affected Versions: Netis WF-2404 version 1.1.124EN Description: A critical issue affects the UART component, allowing activation of test or debug logic at runtime through physical device manipulation. The vendor was contacted about this disclosure but did not...

The vulnerability of the imx_uart_console_write() function in the Linux kernel’s serial component allows a hacker to trigger a service failure.

The vulnerability of the imxuartconsolewrite function in the Linux kernel’s serial component is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

SUSE CVE-2022-49202

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: add missing NULL check in h5enqueue Syzbot hit general protection fault in pmruntimeresume. The problem was in missing NULL check. hu-serdev can be NULL and we should not blindly pass &serdev-dev somewhere,...

CVE-2022-49613

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usagecount for console handover When console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. Therefore, it will not call pmruntimegetsync. Later, when the actual...

DEBIAN-CVE-2022-49202

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: add missing NULL check in h5enqueue Syzbot hit general protection fault in pmruntimeresume. The problem was in missing NULL check. hu-serdev can be NULL and we should not blindly pass &serdev-dev somewhere,...

CVE-2022-49392 serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe

In the Linux kernel, the following vulnerability has been resolved: serial: 8250aspeedvuart: Fix potential NULL dereference in aspeedvuartprobe platformgetresource may fail and return NULL, so we should better check it's return value to avoid a NULL pointer dereference...

CVE-2024-57790

IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...

CVE-2024-57790

IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...

CVE-2024-57790

IXON B.V. IXrouter IX2400 Industrial Edge Gateway v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH...

CVE-2024-57790

CVE-2024-57790 affects IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) v3.0. A hardcoded root credential stored in non-volatile flash enables physically proximate attackers to obtain root access via UART or SSH. The vulnerability is categorized with physical attack vector, low authentication,...

DEBIAN-CVE-2025-21695

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer dereference in...

CVE-2025-21695

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer dereference in...

CVE-2025-21695 platform/x86: dell-uart-backlight: fix serdev race

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer dereference in...

CVE-2025-21695 platform/x86: dell-uart-backlight: fix serdev race

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer dereference in...

CVE-2025-21695

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer dereference in...

Silicon CP210x VCP Windows installer 代码问题漏洞

Silicon CP210x VCP Windows installer is a CP210x VCP Windows installer from Silicon Corporation. A security vulnerability exists in Silicon CP210x VCP Windows installer that originates from an uncontrolled search path. An attacker could exploit the vulnerability to escalate privileges and execute...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE...

CVE-2024-54127

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...