Lucene search
K

424 matches found

RedhatCVE
RedhatCVE
added 2 days ago7 views

CVE-2026-51537

A flaw was found in OpENer. An out-of-bounds read vulnerability exists in the Connection Manager when processing malformed ForwardOpen requests. A remote attacker can send a specially crafted Ethernet/IP ENIP frame with an insufficient Common Industrial Protocol CIP ForwardOpen/LargeForwardOpen...

9.1CVSS6.1AI score0.00434EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-43603

EIPStackGroup OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser...

9.1CVSS6.1AI score0.00434EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago3 views

PT-2026-58489

Name of the Vulnerable Software and Affected Versions Windows Remote Access Connection Manager affected versions not specified Description A use-after-free condition exists in the Windows Remote Access Connection Manager RasMan. This flaw allows an authorized attacker to elevate privileges over a...

8.8CVSS6.3AI score0.00617EPSS
Exploits0References5
NVD
NVD
added 3 days ago5 views

CVE-2026-51537

EIPStackGroup OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser...

9.1CVSS0.00434EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-51537

EIPStackGroup OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser...

0.00434EPSS
Exploits0References2
CVE
CVE
added 3 days ago15 views

CVE-2026-51537

OpENer 2.3.0 (commit 76b95cf) contains an out-of-bounds read in the Connection Manager when processing malformed ForwardOpen/LargeForwardOpen requests, allowing a remote attacker to trigger the issue over the network without authentication. Red Hat notes potential denial of service or information...

9.1CVSS6.1AI score0.00434EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 1:13 p.m.22 views

CVE-2026-8037 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints...

9.6CVSS8AI score0.4343EPSS
Exploits3References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IB/cm: A drop lockdep assertion and WARN are issued when freeing old messages. The send completion handler can run after cmid has advanced to another message. In this case, the cmid lock is not necessary. However, a recent change...

5.5CVSS5.7AI score0.00137EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 12:30 p.m.9 views

EUVD-2026-27807

In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments in the curre...

5.8AI score0.00122EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in t...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/20 1:36 p.m.26 views

CVE-2026-4048 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process...

8.4CVSS0.02132EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 7:14 p.m.4 views

EUVD-2026-10804

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager FilterManager that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" UAF or state-corruption window where...

5.9CVSS5.8AI score0.00337EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/10 7:14 p.m.3 views

CVE-2026-26311

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager FilterManager that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" UAF or state-corruption window where...

5.9CVSS5.8AI score0.00337EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Envoy 资源管理错误漏洞

Envoy is an open-source gateway program developed by Enphase for connecting smart home devices. Versions of Envoy prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13 contain a resource management vulnerability. This vulnerability stems from logical flaws in the HTTP connection manager, which may lead to...

5.9CVSS5.8AI score0.00337EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.3 views

PT-2026-24380

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.34.13 Envoy versions 1.35.0 through 1.35.7 Envoy versions 1.36.0 through 1.36.4 Envoy versions 1.37.0 Description Envoy is a high-performance edge/middle/service proxy. A logic issue exists in Envoy’s HTTP connection...

5.9CVSS5.8AI score0.00337EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.6 views

CVE-2026-21525

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally...

6.2CVSS5.5AI score0.04956EPSS
Exploits0References1
Krebs on Security
Krebs on Security
added 2026/02/10 9:49 p.m.11 views

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild. Zero-day 1 this month is CVE-2026-21510, a security feature...

8.8CVSS6.6AI score0.72152EPSS
Exploits20
CVE
CVE
added 2026/02/10 5:51 p.m.38 views

CVE-2026-21525

CVE-2026-21525 is a Windows Remote Access Connection Manager (RasMan) Denial of Service vulnerability caused by a NULL pointer dereference. An unauthenticated, locally-initiated attacker can trigger a crash of RasMan, impacting availability. Connected sources confirm this as a local DoS issue, wi...

6.2CVSS5.5AI score0.04956EPSS
In wildExploits0References4Affected Software13
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.6 views

Windows Remote Access Connection Manager Denial of Service Vulnerability

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally...

6.2CVSS5.5AI score0.04956EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.8 views

PT-2026-7407

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to February 10, 2026 Description A null pointer dereference exists in the Windows Remote Access Connection Manager RasMan. This issue allows a local attacker to cause a denial-of-service by repeatedly crashing...

6.2CVSS5.8AI score0.04956EPSS
Exploits0References28
Rows per page
Query Builder