8 matches found
CVE-2026-50099 Naxclow IoT Platform Insertion of sensitive information into Externally-Accessible file or directory
During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits...
SUSE-SU-2025:20883-1 Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue wh...
SUSE-SU-2025:3720-1 Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024173 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
SUSE-SU-2025:03672-1 Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059211 fixes several issues. The following security issues were fixed: - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT...
CVE-2022-50533 wifi: mac80211: mlme: fix null-ptr deref on failed assoc
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mlme: fix null-ptr deref on failed assoc If association to an AP without a link 0 fails, then we crash in tracing because it assumes that either apmldaddr or link 0 BSS is valid, since we clear sdata-vif.validlink...
PT-2025-40682
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the wifi subsystem, specifically in the cfg80211 component. The issue involves accepting authentication or association requests from an Access Poi...
PT-2023-2191 · Cisco · Cisco Catalyst 9100 +2
Name of the Vulnerable Software and Affected Versions: Cisco Business 150 versions affected versions not specified Cisco Business 151 Mesh Extenders versions affected versions not specified Cisco Catalyst 9100 versions affected versions not specified Description: The issue is related to a buffer...
CVE-2022-20945
A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of certain...