PT-2026-2391

Name of the Vulnerable Software and Affected Versions PTPublisher version 2.3.4 Description The software contains an unquoted service path vulnerability in the PTProtect service. This allows local attackers to potentially execute arbitrary code with elevated privileges. The vulnerable path is...

EUVD-2025-11253

Malicious code in bioql PyPI...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If a USB dongle is inserted whose chip is not maintained in the icidtable, it will lead to a NULL access. Adding a NULL check can prevent Kernel Oops...

CVE-2025-22052

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in niusb If the usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the businterface is set to NULL on disconnect. This problem was introduced by...

CVE-2025-22052 staging: gpib: Fix Oops after disconnect in ni_usb

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in niusb If the usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the businterface is set to NULL on disconnect. This problem was introduced by...

CVE-2025-22052

The CVE-2025-22052 issue affects the Linux kernel (staging gpib driver, ni_usb). It causes a NULL dereference Oops after a USB dongle disconnect because bus_interface is set to NULL; previously NULL checks existed only in select paths. The fix adds a NULL check for bus_interface across all interf...

CVE-2025-22052 staging: gpib: Fix Oops after disconnect in ni_usb

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in niusb If the usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the businterface is set to NULL on disconnect. This problem was introduced by...

PT-2025-16692 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A problem in the Linux kernel has been identified where disconnecting a USB dongle leads to a NULL dereference Oops due to the bus interface being set to NULL. This issue arises becaus...

CVE-2024-57987

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is not maintained in icidtable, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops...

CVE-2024-57987

CVE-2024-57987 is a Linux kernel Bluetooth vulnerability in the btrtl driver. When inserting a USB dongle whose Realtek chip isn’t in ic_id_table, a NULL dereference could trigger a kernel oops. The fix adds a NULL check in btrtl_setup_realtek() to prevent the NULL pointer access. Affected: Linux...

CVE-2021-22382

Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform unauthenticated operations...

Design/Logic Flaw

Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform unauthenticated operations...

CVE-2021-22382

Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform unauthenticated operations...

CVE-2021-22382

CVE-2021-22382 concerns Huawei LTE USB Dongle products (e.g., E3372, E3372h-153, CPU-V200R002B333D01SP00C00) with an improper permission assignment vulnerability. The root cause is flawed permission handling that allows a local attacker to access a PC and persuade a user to install a specially cr...

Security Advisory - Improper Permission Assignment Vulnerability in Some USB Dongle Products

Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a MAC OS to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform unauthenticated...

Introduction to Bluetooth Low Energy

Bluetooth Low Energy BLE is used by almost everyone in our everyday lives, from wireless headphones, to car stereos, computer keyboards and mice, and other everyday items. Even though this standard is popular there seems a general lack of understanding of how it works and what certain terms mean...

Google Will Award $1M-Plus to People Who Can Hack Titan M Security Chip

Google is willing to award up to $1.5 million to hackers who can successfully hack its Titan M security chip on the company’s Pixel devices as part of an expansion of its Android bug-bounty program unveiled this week. The company revealed increased payouts to its Android Security Rewards in a blo...

Homemade TEMPEST Receiver

Tom's Guide writes about home brew TEMPEST receivers: Today, dirt-cheap technology and free software make it possible for ordinary citizens to run their own Tempest programs and listen to what their own -- and their neighbors' -- electronic devices are doing. Elliott, a researcher at Boston-based...

Logitech R700 Laser Presentation Remote Keystroke Injection Vulnerability

Product: R700 Laser Presentation Remote Manufacturer: Logitech Affected Versions: Model R-R0010 PID WD904XM and PID WD802XM Tested Versions: Model R-R0010 PID WD904XM and PID WD802XM Vulnerability Type: Insufficient Verification of Data Authenticity CWE-345 Keystroke Injection Vulnerability Risk...

Inateck 2.4 GHz Wireless Presenter WP1001 Keystroke Injection Vulnerability

Product: 2.4 GHz Wireless Presenter WP1001 Manufacturer: Inateck Affected Versions: Rev. v1.3C Tested Versions: Rev. v1.3C Vulnerability Type: Insufficient Verification of Data Authenticity CWE-345 Keystroke Injection Vulnerability Risk Level: High Solution Status: Open Manufacturer Notification:...