Lucene search
K

963 matches found

RedhatCVE
RedhatCVE
added 2026/07/03 10:16 a.m.9 views

CVE-2026-55952

A flaw was found in Erlang/OTP's SSL Secure Sockets Layer application. An unauthenticated remote attacker can send a specially crafted ClientHello message to a TLS 1.3 server with session tickets enabled. This can permanently disrupt the server's ability to handle session tickets, leading to a...

8.2CVSS6AI score0.00487EPSS
Exploits0References10
NVD
NVD
added 2026/07/02 5:17 p.m.7 views

CVE-2026-55952

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS0.00487EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/02 4:6 p.m.7 views

EUVD-2026-41412

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS5.9AI score0.00487EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Perl DBI module vulnerabilities (USN-8466-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8466-1 advisory. It was discovered that the Perl DBI module incorrectly handled certain...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:30 a.m.5 views

USN-8466-1 libdbi-perl vulnerabilities

It was discovered that the Perl DBI module incorrectly handled certain error messages. An attacker could use this issue to cause applications using the Perl DBI module to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-9698 It was discovered that the Perl DBI...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

In the binderreleasework function of binder.c, there is a potential use-after-free issue due to improper locking. This could lead to a local escalation of privileges in the kernel, without the need for additional execution privileges. User interaction is not required for exploitation. Product:...

7.8CVSS6.4AI score0.00507EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-50207

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS5.4AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.16 views

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.15 views

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-;context, NULL before...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 2:30 p.m.50 views

CVE-2026-10879 DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

0.00413EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 9:16 a.m.13 views

CVE-2026-50207

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 7:4 a.m.44 views

CVE-2026-50207 Local Modem Manipulation via Binder Interfaces

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 7:4 a.m.10 views

EUVD-2026-34219

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS5.8AI score0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 7:4 a.m.9 views

CVE-2026-50207 Local Modem Manipulation via Binder Interfaces

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS5.8AI score0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 7:4 a.m.15 views

CVE-2026-50207

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS5.8AI score0.00133EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 7:4 a.m.20 views

CVE-2026-50207

The CVE-2026-50207 issue involves the system Binder boundary that accepts unverified pass-through AT commands, enabling local applications to read baseband files or disable cellular connectivity. The vulnerability is described as local, with impact to confidentiality, integrity, and availability ...

8.5CVSS5.8AI score0.00133EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the system’s Binder boundary accepting unverified direct access AT commands, which may allow local applications to read baseban...

8.5CVSS5.3AI score0.00133EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46159

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS5.8AI score0.00133EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Binder: Fixed the issue where dereferencing the null-ptr variable occurred unexpectedly. Syzbot reported several issues introduced by commit 44e602b4e52f „binderalloc: added missing mmaplock calls when using VMA”. In these...

5.5CVSS5.9AI score0.00188EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF Use-After-Free issue caused by a race condition involving ref-proc. A transaction of type BINDERTYPEWEAKHANDLE may fail to increment the reference count of a node. In this case, the target proc normally releas...

7CVSS6.2AI score0.00131EPSS
Exploits0References2
Rows per page
Query Builder