Lucene search
K

281 matches found

Vulnrichment
Vulnrichment
added 6 days ago7 views

CVE-2026-11404 Cesanta Mongoose before 7.22 Out-of-Bounds Read in MG_TLS_BUILTIN ClientHello Session ID Parsing

Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mgtlsserverrecvhello, which uses an attacker-controlled sessionidlen byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated...

8.7CVSS6.2AI score0.00441EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-11404 Cesanta Mongoose before 7.22 Out-of-Bounds Read in MG_TLS_BUILTIN ClientHello Session ID Parsing

Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mgtlsserverrecvhello, which uses an attacker-controlled sessionidlen byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated...

8.7CVSS0.00441EPSS
Exploits0References4
CVE
CVE
added 6 days ago10 views

CVE-2026-11404

Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthent...

8.7CVSS6.2AI score0.00441EPSS
Exploits0References4
CVE
CVE
added last week12 views

CVE-2026-15165

CVE-2026-15165 affects Wireshark 4.6.0–4.6.6, where the TLS Encrypted Client Hello (ECH) decryptor can crash during decryption of a malformed packet, leading to a denial of service. Root cause: crash in the TLS ECH decryptor component. Impact: application crash and denial of service. CVSSv3.1 bas...

5.5CVSS5.9AI score0.00133EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/07/02 4:6 p.m.13 views

CVE-2026-55950

This CVE (CVE-2026-55950) describes a TOCTOU race in Erlang/OTP ssl (dtls_packet_demux.erl) where a DTLS listener’s shared demux process can be crashed by an unauthenticated remote attacker sending rapid ClientHello datagrams from the same source IP/port. The race in the internal gb_trees store l...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2026/07/02 4:6 p.m.4 views

CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS6.1AI score0.00487EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.6 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS6AI score0.00461EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Mbed TLS 3.5.1. There is a persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions...

7.5CVSS7.1AI score0.00685EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.15 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/16 2:20 a.m.10 views

SUSE CVE-2026-45416

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.5AI score0.00461EPSS
Exploits0References4
NVD
NVD
added 2026/06/12 3:16 p.m.16 views

CVE-2026-45416

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS0.00461EPSS
Exploits0References12
OSV
OSV
added 2026/06/12 2:10 p.m.2 views

CVE-2026-45416 Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS6.1AI score0.00461EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/12 2:10 p.m.12 views

EUVD-2026-36436

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/12 2:10 p.m.21 views

CVE-2026-45416 Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 2:10 p.m.33 views

CVE-2026-45416 Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS0.00461EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/08 11:1 p.m.27 views

Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates ctx.alloc.bufferhandshakeLength line 161. The guard at line 140 is handshakeLength maxClientHelloLength && maxClientHelloLength != 0, and the...

7.5CVSS5.7AI score0.00461EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47587

SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates ctx.alloc.bufferhandshakeLength line 161. The guard at line 140 is handshakeLength maxClientHelloLength && maxClientHelloLength != 0, and the...

7.5CVSS5.7AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.8 views

CVE-2026-1677

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

5.3CVSS5.4AI score0.00243EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in mbedtls

A vulnerability was discovered in Mbed TLS before versions 2.28.1 and 3.x, prior to 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server, causing a heap-based buffer overflow of up to 255 bytes. This can lead to a server crash or,...

9.1CVSS8.6AI score0.02118EPSS
Exploits1References1
OSV
OSV
added 2026/05/12 10:16 p.m.6 views

DEBIAN-CVE-2026-44296

Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service DoS vulnerability affects Deskflow servers running with TLS enabled the default. When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References1
Rows per page
Query Builder