CVEs — Hardware & Firmware Vulnerabilities

460 vulnerabilities from NVD.

CVE IDDescriptionSeverityCVSSDate
CVE-2025-6599An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C...MEDIUM5.32025-11-18
CVE-2025-8693A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(A...HIGH8.82025-11-18
CVE-2025-8404Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access t...MEDIUM5.52025-11-18
CVE-2025-63225The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Control due to missing au...CRITICAL9.82025-11-18
CVE-2025-63209The ELCA Star Transmitter Remote Control firmware 1.25 for STAR150, BP1000, STAR300, STAR2000, STAR1000, STAR500, and po...HIGH7.52025-11-19
CVE-2025-63211Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5...MEDIUM6.12025-11-19
CVE-2025-60737Cross Site Scripting vulnerability in Ilevia EVE X1 Server Firmware Version<= 4.7.18.0.eden:Logic Version<=6.00 - 2025_0...MEDIUM6.12025-11-20
CVE-2025-44018A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially craft...HIGH8.32025-11-24
CVE-2025-12003A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact...02025-11-25
CVE-2025-59365A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigge...02025-11-25
CVE-2025-59366An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effe...02025-11-25
CVE-2025-59368An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerabil...02025-11-25
CVE-2025-59369A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnera...02025-11-25
CVE-2025-59370A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vul...02025-11-25
CVE-2025-59371An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated att...02025-11-25
CVE-2025-59372A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could expl...02025-11-25
CVE-2025-60739Cross Site Request Forgery (CSRF) vulnerability in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before, Logi...CRITICAL9.62025-11-25
CVE-2025-33189NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A...HIGH7.82025-11-25
CVE-2025-33190NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A ...MEDIUM6.72025-11-25
CVE-2025-33191NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read....MEDIUM5.72025-11-25
CVE-2025-33192NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read...MEDIUM5.72025-11-25
CVE-2025-33193NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of i...MEDIUM5.72025-11-25
CVE-2025-33194NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of i...MEDIUM5.72025-11-25
CVE-2025-33195NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer...MEDIUM4.42025-11-25
CVE-2025-33196NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused....MEDIUM4.42025-11-25
CVE-2025-33197NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereferen...MEDIUM4.32025-11-25
CVE-2025-33198NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused....LOW3.32025-11-25
CVE-2025-33199NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow b...LOW3.22025-11-25
CVE-2025-33200NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused....LOW2.32025-11-25
CVE-2025-64983Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attac...HIGH82025-11-26
CVE-2025-8890Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell comman...02025-11-27
CVE-2025-34319TOTOLINK N300RT wireless router firmware versions prior to V3.4.0-B20250430 (discovered in V2.1.8-B20201030.1539) contai...02025-12-03
CVE-2025-40226In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Account for failed debug initia...02025-12-04
CVE-2025-40321In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Fram...02025-12-08
CVE-2025-40938A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device stores sensitive inf...HIGH8.12025-12-09
CVE-2024-58314Atcom 100M IP Phones firmware version 2.7.x.x contains an authenticated command injection vulnerability in the web confi...HIGH8.82025-12-12
CVE-2025-68236In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS p...02025-12-16
CVE-2023-53896D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attacke...HIGH7.52025-12-16
CVE-2025-11901An uncontrolled resource consumption vulnerability affects certain ASUS motherboards using Intel B460, B560, B660, B760...02025-12-17
CVE-2025-10910A flaw in the binding process of Govee’s cloud platform and devices allows a remote attacker to bind an existing, online...02025-12-18
CVE-2025-14884A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the com...HIGH7.22025-12-18
CVE-2025-14910A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle_retr of the component FTP Daemon...MEDIUM4.32025-12-19
CVE-2025-11543Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may c...CRITICAL9.82025-12-22
CVE-2025-11544Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may c...02025-12-22
CVE-2025-68328In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controll...02025-12-22
CVE-2023-53967Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the ...HIGH7.52025-12-22
CVE-2023-53968Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authenti...CRITICAL9.82025-12-22
CVE-2023-53969Screen SFT DAB 600/C firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authenti...HIGH7.52025-12-22
CVE-2023-53970Screen SFT DAB 600/C Firmware 1.9.3 contains a weak session management vulnerability that allows attackers to bypass aut...HIGH7.52025-12-22
CVE-2025-65856Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21....CRITICAL9.82025-12-22
CVE-2022-50700In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On...02025-12-24
CVE-2023-54027In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there...02025-12-24
CVE-2025-68380In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS assignment In ath11k...02025-12-24
CVE-2022-50763In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflow...02025-12-24
CVE-2023-54058In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Check if ffa_driver remove is pr...02025-12-24
CVE-2023-54098In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt deb...02025-12-24
CVE-2023-54129In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation for lmac type Upon ph...02025-12-24
CVE-2023-54133In the Linux kernel, the following vulnerability has been resolved: nfp: clean mc addresses in application firmware whe...02025-12-24
CVE-2023-54150In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser ...02025-12-24
CVE-2023-54160In the Linux kernel, the following vulnerability has been resolved: firmware: arm_sdei: Fix sleep from invalid context ...02025-12-24
CVE-2025-52600Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/Io...HIGH7.22025-12-26
CVE-2025-52601Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/Io...HIGH7.82025-12-26
CVE-2025-8075Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/Io...MEDIUM5.42025-12-26
CVE-2025-15245A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware ...LOW3.52025-12-30
CVE-2022-50880In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete...02025-12-30
CVE-2023-54234In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initia...02025-12-30
CVE-2023-54279In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fw_ge...02025-12-30
CVE-2023-54304In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL poi...02025-12-30
CVE-2023-54325In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix out-of-bounds read When preparin...02025-12-30
CVE-2025-15256A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the file /gofo...HIGH7.32025-12-30
CVE-2025-15257A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRo...HIGH7.32025-12-30
CVE-2025-15258A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected by this issue is the function formALGSetup of the...LOW3.52025-12-30
CVE-2022-50796SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability in the firmware uplo...CRITICAL9.82025-12-30
CVE-2021-47745Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script...HIGH8.82025-12-31
CVE-2025-15474AuntyFey Smart Combination Lock firmware versions as of 2025-12-24 contain a vulnerability that allows an unauthenticate...02026-01-07
CVE-2017-20212FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows una...MEDIUM6.22026-01-08
CVE-2017-20213FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows rem...HIGH7.52026-01-08
CVE-2017-20215FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 contains an authenticated OS command injection vulnerability that ...HIGH8.82026-01-08
CVE-2025-67089A command injection vulnerability exists in the GL-iNet GL-AXT1800 router firmware v4.6.8. The vulnerability is present ...HIGH8.12026-01-08
CVE-2025-7072The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text (shared across all route...02026-01-09
CVE-2025-68812In the Linux kernel, the following vulnerability has been resolved: media: iris: Add sanity check for stop streaming A...02026-01-13
CVE-2025-68816In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fw_tracer, Validate format string paramet...02026-01-13
CVE-2025-68707An authentication bypass vulnerability in the Tongyu AX1800 Wi-Fi 6 Router with firmware 1.0.0 allows unauthenticated ne...HIGH8.82026-01-13
CVE-2022-50926WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipula...CRITICAL9.82026-01-13
CVE-2025-65396A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically prox...MEDIUM6.12026-01-14
CVE-2026-21912A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the method to collect FPC Ethernet firmware statist...MEDIUM5.52026-01-15
CVE-2025-12006There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can up...HIGH7.22026-01-16
CVE-2025-12007There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can up...HIGH8.42026-01-16
CVE-2026-1221PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a Use of Hard-coded Credentials vulnerability, allowi...CRITICAL9.82026-01-20
CVE-2026-23699AP180 series with firmware versions prior to AP_RGOS 11.9(4)B1P8 contains an OS command injection vulnerability. If this...HIGH7.22026-01-22
CVE-2025-64097NervesHub is a web service that allows users to manage over-the-air (OTA) firmware updates of devices in the field. A vu...CRITICAL9.82026-01-22
CVE-2026-22981In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a res...MEDIUM5.52026-01-23
CVE-2026-24433Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain a stored cross-site scripting vul...MEDIUM5.42026-01-26
CVE-2025-14756Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing...HIGH8.82026-01-26
CVE-2020-36963Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthentica...HIGH7.52026-01-28
CVE-2026-24426Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior contain an improper output encoding vulnerability in the w...MEDIUM6.12026-02-03
CVE-2025-70545A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X r...MEDIUM6.12026-02-04
CVE-2026-23059In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent mem...02026-02-04
CVE-2026-23070In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmwar...02026-02-04
CVE-2026-23084In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_...02026-02-04
CVE-2025-11730A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP s...HIGH7.22026-02-05
CVE-2026-25857Tenda G300-F router firmware version 16.01.14.2 and prior contain an OS command injection vulnerability in the WAN diagn...HIGH8.82026-02-07
CVE-2025-20080Null pointer dereference in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability within Ring 0: Kernel...MEDIUM6.82026-02-10
CVE-2025-22453Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User ...HIGH7.52026-02-10
CVE-2025-22885Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software ad...MEDIUM4.72026-02-10
CVE-2025-24851Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x withi...MEDIUM62026-02-10
CVE-2025-25210Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User ...HIGH8.22026-02-10
CVE-2025-27243Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring...MEDIUM62026-02-10
CVE-2025-27535Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before vers...MEDIUM5.32026-02-10
CVE-2025-27708Out-of-bounds read in the firmware for some Intel(R) Converged Security and Management Engine (CSME) Firmware (FW) withi...MEDIUM4.12026-02-10
CVE-2025-32003Out-of-bounds read in the firmware for some 100GbE Intel(R) Ethernet Network Adapter E810 before version cvl fw 1.7.6, c...MEDIUM6.52026-02-10
CVE-2025-32008Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) Standard Manageability within Ring 3: User Applica...HIGH8.62026-02-10
CVE-2025-32735Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denia...MEDIUM5.52026-02-10
CVE-2025-32739Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Devic...LOW2.82026-02-10
CVE-2025-33030Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User Applications may allow an e...LOW3.32026-02-10
CVE-2025-35992Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denia...MEDIUM4.72026-02-10
CVE-2025-35999Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) S...MEDIUM6.72026-02-10
CVE-2026-25872JUNG Smart Panel KNX firmware version L1.12.22 and prior contain an unauthenticated path traversal vulnerability in the ...MEDIUM5.32026-02-10
CVE-2026-23172In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb->frags overflow ...02026-02-14
CVE-2026-23186In the Linux kernel, the following vulnerability has been resolved: hwmon: (acpi_power_meter) Fix deadlocks related to ...02026-02-14
CVE-2026-23206In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: prevent ZERO_SIZE_PTR dereference whe...02026-02-14
CVE-2026-2566A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub_406194 of ...HIGH7.22026-02-16
CVE-2025-11845A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware ve...MEDIUM4.92026-02-24
CVE-2025-11846A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions...MEDIUM4.92026-02-24
CVE-2025-11847A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions thro...MEDIUM4.92026-02-24
CVE-2025-11848A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version throu...MEDIUM4.92026-02-24
CVE-2025-13942A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C...CRITICAL9.82026-02-24
CVE-2025-13943A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware ...HIGH8.82026-02-24
CVE-2026-1459A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG362...HIGH7.22026-02-24
CVE-2026-23678Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerabilit...HIGH8.82026-02-24
CVE-2026-20910An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker ...HIGH82026-02-27
CVE-2026-24517An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacke...HIGH82026-02-27
CVE-2026-24689An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker...HIGH82026-02-27
CVE-2026-25195An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attack...HIGH82026-02-27
CVE-2026-1442Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an a...HIGH7.82026-02-27
CVE-2026-21660Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in F...CRITICAL9.82026-02-27
CVE-2026-27751SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remot...CRITICAL9.82026-02-27
CVE-2026-27753SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows re...MEDIUM6.52026-02-27
CVE-2026-27755SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability th...CRITICAL9.82026-02-27
CVE-2026-27756SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the...MEDIUM6.12026-02-27
CVE-2026-27757SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication vulnerability that allows authentic...HIGH7.12026-02-27
CVE-2026-27758SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a cross-site request forgery vulnerability in its man...MEDIUM4.32026-02-27
CVE-2026-3344A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and...MEDIUM4.92026-03-03
CVE-2025-69969A lack of authentication and authorization mechanisms in the Bluetooth Low Energy (BLE) communication protocol of SRK Po...CRITICAL9.62026-03-04
CVE-2025-7375A denial-of-service (DoS) vulnerability was identified in Omada EAP610 v3. An attacker with adjacent network access can...MEDIUM6.52026-03-05
CVE-2026-3612A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub_405AF4 of the file /cgi-bin/...HIGH7.22026-03-06
CVE-2026-25070XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in...CRITICAL9.82026-03-07
CVE-2026-25071XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability i...HIGH7.52026-03-07
CVE-2026-25072XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnera...CRITICAL9.82026-03-07
CVE-2026-25073XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a stored cross-site scripting vulnerabil...MEDIUM5.42026-03-07
CVE-2025-70798Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shado...HIGH8.42026-03-10
CVE-2025-70802Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/sh...HIGH8.42026-03-10
CVE-2026-28806Improper Authorization vulnerability in nerves-hub nerves_hub_web allows cross-organization device control via device bu...02026-03-10
CVE-2025-20005Improper buffer restrictions in some UEFI firmware for some Intel(R) reference platforms may allow an escalation of priv...02026-03-10
CVE-2025-20096Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. ...02026-03-10
CVE-2025-20105Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation ...02026-03-10
CVE-2019-25470eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal pr...HIGH7.52026-03-11
CVE-2025-36522Incorrect default permissions for some Intel(R) Chipset Software before version 10.1.20266.8668 or later. within Ring 3:...MEDIUM6.72026-02-10
CVE-2025-66646RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) ...HIGH7.52025-12-17
CVE-2025-66647RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) ...CRITICAL9.82025-12-17
CVE-2026-23833ESPHome is a system to control microcontrollers remotely through Home Automation systems. In versions 2025.9.0 through 2...HIGH7.52026-01-19
CVE-2026-25139RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) ...CRITICAL9.12026-02-04
CVE-2026-27703RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) ...HIGH7.52026-03-11
CVE-2025-66399Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw i...HIGH8.82025-12-02
CVE-2025-50681igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service (application crash) via a craft...HIGH7.52025-12-19
CVE-2023-54047In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: dw_hdmi: cleanup drm encoder during u...02025-12-24
CVE-2022-50696SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cann...CRITICAL9.82025-12-30
CVE-2025-69425The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) expose a command execution service on TCP port 2...02026-01-09
CVE-2025-59103The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revis...02026-01-26
CVE-2025-65077A relative path traversal vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devic...02026-02-03
CVE-2025-65078An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark device...02026-02-03
CVE-2020-37092Netis E1+ version 1.2.32533 contains a hardcoded root account vulnerability that allows unauthenticated attackers to acc...HIGH7.52026-02-03
CVE-2026-1997Certain HP OfficeJet Pro printers may expose information if Cross‑Origin Resource Sharing (CORS) is misconfigured, poten...MEDIUM5.32026-02-10
CVE-2026-24455The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTTP Basic Authenticati...HIGH7.52026-02-20
CVE-2026-25648Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in which authenticated use...HIGH8.72026-02-23
CVE-2026-0754An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering t...02026-03-03
CVE-2025-40238In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec cleanup over MPV device When w...02025-12-04
CVE-2025-40243In the Linux kernel, the following vulnerability has been resolved: hfs: fix KMSAN uninit-value issue in hfs_find_set_z...02025-12-04
CVE-2025-40244In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in __hfsplus_...02025-12-04
CVE-2025-40246In the Linux kernel, the following vulnerability has been resolved: xfs: fix out of bounds memory read error in symlink...02025-12-04
CVE-2025-40251In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devl_rate_no...MEDIUM5.52025-12-04
CVE-2025-40257In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcp_pm_del_add_timer() mptc...02025-12-04
CVE-2025-40261In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in ...02025-12-04
CVE-2025-40265In the Linux kernel, the following vulnerability has been resolved: vfat: fix missing sb_min_blocksize() return value c...02025-12-04
CVE-2025-40273In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4_free_ol_state...02025-12-06
CVE-2025-40274In the Linux kernel, the following vulnerability has been resolved: KVM: guest_memfd: Remove bindings on memslot deleti...02025-12-06
CVE-2025-40280In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_mon_reinit_self()....02025-12-06
CVE-2025-40281In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctp_...02025-12-06
CVE-2025-40290In the Linux kernel, the following vulnerability has been resolved: xsk: avoid data corruption on cq descriptor number ...02025-12-08
CVE-2025-40295In the Linux kernel, the following vulnerability has been resolved: fscrypt: fix left shift underflow when inode->i_blk...02025-12-08
CVE-2025-40309In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_conn_free BUG: KASA...02025-12-08
CVE-2022-50628In the Linux kernel, the following vulnerability has been resolved: drm/gud: Fix UBSAN warning UBSAN complains about i...02025-12-08
CVE-2023-53752In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmalloc_reserve...02025-12-08
CVE-2023-53761In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl contr...02025-12-08
CVE-2023-53762In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_...02025-12-08
CVE-2023-53764In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath1...02025-12-08
CVE-2023-53765In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in ...02025-12-08
CVE-2022-50652In the Linux kernel, the following vulnerability has been resolved: uio: uio_dmem_genirq: Fix missing unlock in irq con...02025-12-09
CVE-2023-53781In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcp_write_timer_handler(...02025-12-09
CVE-2023-53795In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFD_DESTROY should not increase the re...02025-12-09
CVE-2023-53800In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed...02025-12-09
CVE-2023-53809In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tp_tun...02025-12-09
CVE-2023-53821In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix slab-use-after-free in decode_session6...02025-12-09
CVE-2023-53824In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk->max_rec...02025-12-09
CVE-2023-53829In the Linux kernel, the following vulnerability has been resolved: f2fs: flush inode if atomic file is aborted Let's ...02025-12-09
CVE-2023-53831In the Linux kernel, the following vulnerability has been resolved: net: read sk->sk_family once in sk_mc_loop() syzbo...02025-12-09
CVE-2023-53841In the Linux kernel, the following vulnerability has been resolved: devlink: report devlink_port_type_warn source devic...02025-12-09
CVE-2023-53846In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in trun...02025-12-09
CVE-2023-53847In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_che...02025-12-09
CVE-2023-53857In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockd...02025-12-09
CVE-2023-53860In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection ...02025-12-09
CVE-2023-53862In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfs_bnode_get() in __hfs_bnode_cre...02025-12-09
CVE-2023-53865In the Linux kernel, the following vulnerability has been resolved: btrfs: fix warning when putting transaction with qg...02025-12-09
CVE-2024-38798EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized ...02025-12-09
CVE-2025-2296EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successf...02025-12-09
CVE-2025-58770APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privile...HIGH8.82025-12-12
CVE-2025-40349In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplus_bmap_alloc ...02025-12-16
CVE-2025-40351In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_de...02025-12-16
CVE-2025-40355In the Linux kernel, the following vulnerability has been resolved: sysfs: check visibility before changing group attri...02025-12-16
CVE-2025-40357In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in __smc_diag...02025-12-16
CVE-2025-68180In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odm_comb...02025-12-16
CVE-2025-68199In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAG_EMPTY in ma...02025-12-16
CVE-2025-68229In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix segfault in tcm_loop_tp...02025-12-16
CVE-2025-68231In the Linux kernel, the following vulnerability has been resolved: mm/mempool: fix poisoning order>0 pages with HIGHME...02025-12-16
CVE-2025-68261In the Linux kernel, the following vulnerability has been resolved: ext4: add i_data_sem protection in ext4_destroy_inl...02025-12-16
CVE-2025-68265In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin request_queue lifetime The namespa...02025-12-16
CVE-2025-68291In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcv_mss before calling tcp_send_a...02025-12-16
CVE-2025-68297In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in process_v2_sparse_read() for enc...02025-12-16
CVE-2025-68332In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fix invalid PNP driver unregistra...02025-12-22
CVE-2025-68335In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818_ai_can...02025-12-22
CVE-2022-50705In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context ...02025-12-24
CVE-2023-54004In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in __sk_mem_r...02025-12-24
CVE-2023-54006In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-race around unix_tot_inflight. u...02025-12-24
CVE-2023-54008In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We...02025-12-24
CVE-2023-54032In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting quota root from the d...02025-12-24
CVE-2023-54037In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Call...02025-12-24
CVE-2025-68367In the Linux kernel, the following vulnerability has been resolved: macintosh/mac_hid: fix race condition in mac_hid_to...02025-12-24
CVE-2025-68368In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddev_init IO operations may be...02025-12-24
CVE-2022-50715In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array ru...02025-12-24
CVE-2022-50716In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() ti...02025-12-24
CVE-2022-50720In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC ...02025-12-24
CVE-2022-50726In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async comm...02025-12-24
CVE-2022-50735In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the d...02025-12-24
CVE-2022-50737In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate index root when initialize NTFS ...02025-12-24
CVE-2022-50739In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operatio...02025-12-24
CVE-2022-50752In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_rea...02025-12-24
CVE-2022-50753In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As We...02025-12-24
CVE-2023-54051In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAG...02025-12-24
CVE-2023-54060In the Linux kernel, the following vulnerability has been resolved: iommufd: Set end correctly when doing batch carry ...02025-12-24
CVE-2023-54067In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting free space root from ...02025-12-24
CVE-2023-54073In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_u...02025-12-24
CVE-2023-54080In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting ...02025-12-24
CVE-2023-54090In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix panic during XDP_TX with > 64 CPUs Comm...02025-12-24
CVE-2023-54094In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentati...02025-12-24
CVE-2023-54113In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, fo...02025-12-24
CVE-2023-54125In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended at...02025-12-24
CVE-2023-54132In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clust...02025-12-24
CVE-2023-54142In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in __gtp_encap_destroy(). ...02025-12-24
CVE-2023-54148In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profil...02025-12-24
CVE-2022-50816In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another sy...02025-12-30
CVE-2022-50817In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skb_clone() ...02025-12-30
CVE-2022-50819In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg ...02025-12-30
CVE-2022-50841In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size Th...02025-12-30
CVE-2022-50850In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in ipr_init() ipr_init() wi...02025-12-30
CVE-2022-50851In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: fix the crash in unmap a large memory ...02025-12-30
CVE-2022-50862In the Linux kernel, the following vulnerability has been resolved: bpf: prevent decl_tag from being referenced in func...02025-12-30
CVE-2022-50881In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_di...02025-12-30
CVE-2022-50885In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup()...02025-12-30
CVE-2023-54164In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and va...02025-12-30
CVE-2023-54165In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zs_map_object() to z...02025-12-30
CVE-2023-54170In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate key to a keyring's as...02025-12-30
CVE-2023-54176In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker As rep...02025-12-30
CVE-2023-54180In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-rep...02025-12-30
CVE-2023-54193In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: remove block_cb from driver_lis...02025-12-30
CVE-2023-54196In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL pointer dereference in 'ni_write...02025-12-30
CVE-2023-54203In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr ...02025-12-30
CVE-2023-54206In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization T...02025-12-30
CVE-2023-54213In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuz...02025-12-30
CVE-2023-54216In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswitch mapping in nic mod...02025-12-30
CVE-2023-54218In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk->sk_stamp in sock_recv_...02025-12-30
CVE-2023-54219In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert co...02025-12-30
CVE-2023-54223In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legac...02025-12-30
CVE-2023-54226In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KC...02025-12-30
CVE-2023-54236In the Linux kernel, the following vulnerability has been resolved: net/net_failover: fix txq exceeding warning The fa...02025-12-30
CVE-2023-54239In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found t...02025-12-30
CVE-2023-54241In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After comm...02025-12-30
CVE-2023-54242In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum...02025-12-30
CVE-2023-54251In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCL...02025-12-30
CVE-2023-54270In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused b...02025-12-30
CVE-2023-54274In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'mad_agent' pointe...02025-12-30
CVE-2023-54277In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer...02025-12-30
CVE-2023-54283In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpf_lru_list KCSAN re...02025-12-30
CVE-2023-54286In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-span...02025-12-30
CVE-2023-54291In the Linux kernel, the following vulnerability has been resolved: vduse: fix NULL pointer dereference vduse_vdpa_set...02025-12-30
CVE-2023-54296In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-E...02025-12-30
CVE-2023-54308In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snd_d...02025-12-30
CVE-2023-54316In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t...02025-12-30
CVE-2023-54318In the Linux kernel, the following vulnerability has been resolved: net/smc: use smc_lgr_list.lock to protect smc_lgr_l...02025-12-30
CVE-2025-68757In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release ...02026-01-05
CVE-2025-68769In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fs_recover_fsync_data()...02026-01-13
CVE-2025-68772In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context dur...02026-01-13
CVE-2025-68776In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prp_get_un...02026-01-13
CVE-2025-68793In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job->pasid access race in gpu rec...02026-01-13
CVE-2025-68796In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating zero-sized extent in ex...02026-01-13
CVE-2025-68800In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_mr: Fix use-after-free when updatin...02026-01-13
CVE-2025-68801In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_router: Fix neighbour use-after-fre...02026-01-13
CVE-2025-68810In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an ex...02026-01-13
CVE-2025-68815In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove drr class from the active li...02026-01-13
CVE-2025-68818In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless comma...02026-01-13
CVE-2025-71065In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Z...02026-01-13
CVE-2025-71087In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavf_config_rss_reg(...02026-01-13
CVE-2025-71088In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzka...02026-01-13
CVE-2025-71091In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in team_queue_over...02026-01-13
CVE-2025-71093In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e10...02026-01-13
CVE-2025-71105In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inline_xattr_slab instead of per-s...02026-01-14
CVE-2025-71107In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_p...02026-01-14
CVE-2025-71118In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if start_node i...02026-01-14
CVE-2025-71123In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_op...02026-01-14
CVE-2025-71125In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events S...02026-01-14
CVE-2025-71126In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting...02026-01-14
CVE-2025-71132In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPT_RT When ...02026-01-14
CVE-2025-71144In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure context reset on disconnect() After ...MEDIUM5.52026-01-14
CVE-2026-0421A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads wh...MEDIUM6.52026-01-14
CVE-2026-22976In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix NULL deref when deactivatin...MEDIUM5.52026-01-21
CVE-2026-22977In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sock_recv...MEDIUM5.52026-01-21
CVE-2026-22996In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devl...MEDIUM5.52026-01-25
CVE-2026-23000In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback fai...MEDIUM5.52026-01-25
CVE-2026-23003In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tn...02026-01-25
CVE-2026-23004In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_list_del() and rt_de...02026-01-25
CVE-2026-23005In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state wh...02026-01-25
CVE-2026-23010In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzb...02026-01-25
CVE-2026-23011In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to...02026-01-25
CVE-2025-71183In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when loggin...02026-01-31
CVE-2026-23035In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev inst...02026-01-31
CVE-2026-23045In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink param...02026-02-04
CVE-2026-23062In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GET_I...MEDIUM5.52026-02-04
CVE-2026-23088In the Linux kernel, the following vulnerability has been resolved: tracing: Fix crash on synthetic stacktrace field us...02026-02-04
CVE-2026-23099In the Linux kernel, the following vulnerability has been resolved: bonding: limit BOND_MODE_8023AD to Ethernet devices...02026-02-04
CVE-2026-23101In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to leds_list when it ...02026-02-04
CVE-2026-23126In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix a race issue related to the operatio...02026-02-14
CVE-2026-23131In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for ...02026-02-14
CVE-2026-23167In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregiste...02026-02-14
CVE-2026-23171In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail aft...02026-02-14
CVE-2026-23173In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers...02026-02-14
CVE-2026-23192In the Linux kernel, the following vulnerability has been resolved: linkwatch: use __dev_put() in callers to prevent UA...02026-02-14
CVE-2026-23198In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassign...02026-02-14
CVE-2026-23200In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mismatch when clearing...02026-02-14
CVE-2026-23214In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully r...02026-02-18
CVE-2026-23215In the Linux kernel, the following vulnerability has been resolved: x86/vmware: Fix hypercall clobbers Fedora QA repor...02026-02-18
CVE-2026-23219In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloc_tagging_slab_free_hook for memcg...02026-02-18
CVE-2025-71232In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system ...02026-02-18
CVE-2025-71236In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associate...02026-02-18
CVE-2025-64736An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Ma...MEDIUM6.12026-03-03
CVE-2026-20777A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbios...HIGH8.12026-03-03
CVE-2026-22891A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig...CRITICAL9.82026-03-03
CVE-2025-71238In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free ...02026-03-04
CVE-2026-0940A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local pr...MEDIUM6.72026-03-11
CVE-2025-8860A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, t...LOW3.32026-02-18
CVE-2025-20027Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may allow an escalation of p...02026-03-10
CVE-2025-20064Improper input validation in the UEFI FlashUcAcmSmm module for some Intel(R) reference platforms may allow an escalation...02026-03-10
CVE-2025-20068Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalati...02026-03-10
CVE-2025-20073Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within UEFI may allow an infor...02026-03-10
CVE-2025-22444Exposure of resource to wrong sphere in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an inform...02026-03-10
CVE-2025-22850Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an in...02026-03-10
CVE-2022-50738In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix an iotlb memory leak Before commit...02025-12-24
CVE-2025-71089In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch se...HIGH7.82026-01-13
CVE-2025-63624SQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart water meter monitoring platform v.1.0 allows...CRITICAL9.82026-02-03
CVE-2025-71202In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kerne...02026-02-14
CVE-2026-27177MajorDoMo (aka Major Domestic Module) contains a stored cross-site scripting (XSS) vulnerability via the /objects/?op=se...HIGH7.22026-02-18
CVE-2026-20761A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in th...HIGH8.12026-02-20
CVE-2026-22885A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in th...LOW3.72026-02-20
CVE-2026-24015A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Us...CRITICAL9.82026-03-09
CVE-2026-24713Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from...CRITICAL9.82026-03-09
CVE-2025-33188NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware contro...HIGH82025-11-25
CVE-2025-13129Improper Enforcement of Behavioral Workflow vulnerability in Seneka Software Hardware Information Technology Trade Contr...MEDIUM4.32025-12-01
CVE-2025-40222In the Linux kernel, the following vulnerability has been resolved: tty: serial: sh-sci: fix RSCI FIFO overrun handling...02025-12-04
CVE-2025-40230In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP ...02025-12-04
CVE-2025-40235In the Linux kernel, the following vulnerability has been resolved: btrfs: directly free partially initialized fs_info ...02025-12-04
CVE-2025-40247In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix pgtable prealloc error path The follo...02025-12-04
CVE-2025-40317In the Linux kernel, the following vulnerability has been resolved: regmap: slimbus: fix bus_context pointer in regmap ...02025-12-08
CVE-2022-50614In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{cop...02025-12-08
CVE-2022-50625In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR...02025-12-08
CVE-2022-50627In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When ...02025-12-08
CVE-2023-53758In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime ...02025-12-08
CVE-2022-50647In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually wor...02025-12-09
CVE-2022-50648In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix recursive locking direct_mutex in ftrac...02025-12-09
CVE-2023-53789In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If I...02025-12-09
CVE-2023-53790In the Linux kernel, the following vulnerability has been resolved: bpf: Zeroing allocated object from slab in bpf memo...02025-12-09
CVE-2022-50674In the Linux kernel, the following vulnerability has been resolved: riscv: vdso: fix NULL deference in vdso_join_timens...02025-12-09
CVE-2022-50678In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when ena...02025-12-09
CVE-2023-53859In the Linux kernel, the following vulnerability has been resolved: s390/idle: mark arch_cpu_idle() noinstr linux-next...02025-12-09
CVE-2025-40337In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Correctly handle Rx checksum offload e...02025-12-09
CVE-2025-40356In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix DMA-API usage Use DMA-API d...02025-12-16
CVE-2025-68175In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fix streaming cleanup on rele...02025-12-16
CVE-2025-68184In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM ...02025-12-16
CVE-2025-68185In the Linux kernel, the following vulnerability has been resolved: nfs4_setup_readdir(): insufficient locking for ->d_...02025-12-16
CVE-2025-68192In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: initialize MAC header offset in...02025-12-16
CVE-2025-68194In the Linux kernel, the following vulnerability has been resolved: media: imon: make send_packet() more robust syzbot...02025-12-16
CVE-2025-68204In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fix genpd leak on provider reg...02025-12-16
CVE-2025-68220In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: netcp: Standardize knav_dma_open...02025-12-16
CVE-2025-68222In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32_pin...02025-12-16
CVE-2025-68260In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix race condition on death_list Rust...02025-12-16
CVE-2025-68262In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cl...02025-12-16
CVE-2025-68286In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing [WHAT...02025-12-16
CVE-2025-68306In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Fix kernel crash when r...02025-12-16
CVE-2025-68310In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery...02025-12-16
CVE-2025-68320In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The follow...02025-12-16
CVE-2025-68327In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Fix synchronous external abort ...02025-12-22
CVE-2022-50697In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when app...02025-12-24
CVE-2022-50699In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFP_KERNEL and GFP_ATOM...02025-12-24
CVE-2022-50704In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config s...02025-12-24
CVE-2025-68360In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: wed: use proper wed reference in mt76 w...02025-12-24
CVE-2022-50714In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver relo...02025-12-24
CVE-2022-50741In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Disable useless interrupt to avoid...02025-12-24
CVE-2023-54089In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: add the missing REQ_OP_WRITE for flush...02025-12-24
CVE-2023-54126In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on l...02025-12-24
CVE-2023-54156In the Linux kernel, the following vulnerability has been resolved: sfc: fix crash when reading stats while NIC is rese...02025-12-24
CVE-2023-54157In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc->vma in race with munmap()...02025-12-24
CVE-2022-50828In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy` "...02025-12-30
CVE-2022-50849In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREM...02025-12-30
CVE-2022-50877In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908_enet: update TX stats after ...02025-12-30
CVE-2023-54172In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks E...02025-12-30
CVE-2023-54220In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_...02025-12-30
CVE-2023-54229In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy wit...02025-12-30
CVE-2023-54257In the Linux kernel, the following vulnerability has been resolved: net: macb: fix a memory corruption in extended buff...02025-12-30
CVE-2023-54287In the Linux kernel, the following vulnerability has been resolved: tty: serial: imx: disable Ageing Timer interrupt re...02025-12-30
CVE-2025-3654Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows un...MEDIUM5.32026-01-04
CVE-2025-68751In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpu_vs...02026-01-05
CVE-2025-71078In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB ...02026-01-13
CVE-2025-71092In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_sta...02026-01-13
CVE-2025-71133In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdma_net_event ...02026-01-14
CVE-2025-71134In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: change all pageblocks migrate type o...02026-01-14
CVE-2026-21982Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a...HIGH7.52026-01-20
CVE-2021-47770OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to...HIGH8.82026-01-21
CVE-2025-71158In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IR...MEDIUM5.52026-01-23
CVE-2026-23009In the Linux kernel, the following vulnerability has been resolved: xhci: sideband: don't dereference freed ring when r...02026-01-25
CVE-2025-69418Issue summary: When using the low-level OCB API directly with AES-NI or<br>other hardware-accelerated code paths, inputs...MEDIUM42026-01-27
CVE-2026-23046In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix device mismatch in devm_kzalloc/dev...02026-02-04
CVE-2026-23055In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Co...02026-02-04
CVE-2026-23102In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE contex...02026-02-04
CVE-2026-23107In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when re...02026-02-04
CVE-2025-35998Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) ...HIGH7.92026-02-10
CVE-2025-8668Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in E-Kalite So...CRITICAL9.42026-02-11
CVE-2025-14014Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software H...CRITICAL9.82026-02-12
CVE-2026-25933Arduino App Lab is a cross-platform IDE for developing Arduino Apps. Prior to 0.4.0, a vulnerability was identified in t...MEDIUM6.82026-02-12
CVE-2025-71200In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduct...02026-02-14
CVE-2026-23115In the Linux kernel, the following vulnerability has been resolved: serial: Fix not set tty->port race condition Rever...02026-02-14
CVE-2026-23128In the Linux kernel, the following vulnerability has been resolved: arm64: Set __nocfi on swsusp_arch_resume() A DABT ...02026-02-14
CVE-2026-23130In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing manageme...02026-02-14
CVE-2026-23147In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware ac...02026-02-14
CVE-2026-23163In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_...02026-02-14
CVE-2026-23175In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndo_set_rx_mode callback in a wo...02026-02-14
CVE-2026-23180In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: add bounds check for if_id in IRQ han...02026-02-14
CVE-2026-23183In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: fix NULL pointer dereference when sett...02026-02-14
CVE-2026-23184In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF in binder_netlink_report() Oneway ...02026-02-14
CVE-2026-23203In the Linux kernel, the following vulnerability has been resolved: net: cpsw_new: Execute ndo_set_rx_mode callback in ...02026-02-14
CVE-2025-71229In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix alignment fault in rtw_core_enable...02026-02-18
CVE-2026-27212Swiper is a free and mobile touch slider with hardware accelerated transitions and native behavior. Versions 6.5.1 throu...HIGH7.82026-02-21
CVE-2026-30829Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and...MEDIUM5.32026-03-07
CVE-2025-15037An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulne...02026-03-12