Lucene search
K

245 matches found

OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53266

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

8.8CVSS5.7AI score0.00129EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53266

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

8.8CVSS5.6AI score0.00129EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53266

The CVE-2026-53266 entry concerns the Linux kernel netfilter bridge path, where ebt_snat ARP sender hardware address rewrite could be performed on non-writable memory. Root cause: ARP SHA is written via skb_store_bits() relative to skb->data, and skb_header_pointer() only safely reads the ARP ...

8.8CVSS5.7AI score0.00129EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53266

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

5.6AI score0.00129EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2026/06/23 9:17 p.m.11 views

CVE-2026-47382

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the connection-test endpoint opened a raw TCP socket to the user-supplied database host without resolving and range-checking the destination, so private and link-local addresses including IPv4-mapped IPv6 forms and...

5.3CVSS0.00207EPSS
Exploits0References1
Amazon
Amazon
added 2026/06/22 12:0 a.m.11 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey CVE-2026-45838 In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec...

9.8CVSS6.4AI score0.00559EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.8 views

CVE-2026-42937

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1CVSS5.5AI score0.00203EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:11 a.m.7 views

netfilter: arp_tables: fix IEEE1394 ARP payload parsing

...

5.5CVSS5.4AI score0.00117EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/27 10:57 p.m.9 views

CVE-2026-45970

A flaw was found in the Linux kernel's bonding driver, specifically within the Active-Backup Load Balancing ALB receive path. A local attacker can trigger a Use-After-Free UAF vulnerability in the rlbarprecv function by rapidly bringing a bond interface up and down while receiving Address...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.13 views

SUSE CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

6.5CVSS5.7AI score0.00117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 12:28 p.m.10 views

CVE-2026-45844

A flaw was found in the Linux kernel's netfilter ARP Address Resolution Protocol tables. When processing IPv4-over-IEEE1394 ARP packets on IEEE1394 interfaces, the kernel incorrectly parses the ARP payload. This can lead to incorrect filtering decisions by arptables, where packets that should be...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.46 views

CVE-2026-45970 bonding: alb: fix UAF in rlb_arp_recv during bond up/down

In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...

7.8CVSS0.00126EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 11:16 a.m.13 views

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.5CVSS0.00117EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/27 3:1 a.m.6 views

SUSE CVE-2025-38666

In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine aarpproxyprobenetwork sends a probe, releases the aarplock, sleeps, then re-acquires the lock. During that window an expire timer thread...

7.8CVSS7.1AI score0.00151EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/13 6:30 p.m.28 views

EUVD-2026-30009

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 4:58 p.m.32 views

CVE-2026-40408 Windows WAN ARP Driver Elevation of Privilege Vulnerability

...

7.8CVSS0.00298EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.10 views

Windows WAN ARP Driver Elevation of Privilege Vulnerability

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00298EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/09 12:15 a.m.8 views

CVE-2026-43441

A flaw was found in the Linux kernel's bonding network interface. When IPv6 is disabled and bonding ARP/NS validation is enabled, a specially crafted IPv6 Neighbor Solicitation NS or Neighbor Advertisement NA packet received on a slave interface can trigger a NULL pointer dereference. This...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.26 views

CVE-2026-43139 xfrm6: fix uninitialized saddr in xfrm6_get_saddr()

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

8.6CVSS0.00375EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.17 views

SUSE CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References12
Rows per page
Query Builder