Lucene search
+L

137 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/08/19 11:23 p.m.4 views

SUSE CVE-2025-38566

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tlsalertrecv due to its assumption it can read data from the msg iterator's kvec.. kTLS implementation splits TLS non-da...

8.1CVSS6.6AI score0.00528EPSS
Exploits0References75
SUSE CVE
SUSE CVE
added 2025/08/19 11:23 p.m.4 views

SUSE CVE-2025-38571

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

8.1CVSS6.5AI score0.00146EPSS
Exploits0References24
NVD
NVD
added 2025/08/19 5:15 p.m.11 views

CVE-2025-38571

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

5.5CVSS0.00146EPSS
Exploits0References5
NVD
NVD
added 2025/08/19 5:15 p.m.6 views

CVE-2025-38566

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tlsalertrecv due to its assumption it can read data from the msg iterator's kvec.. kTLS implementation splits TLS non-da...

7.5CVSS0.00528EPSS
Exploits0References5
OSV
OSV
added 2025/08/19 5:15 p.m.11 views

AZL-66467 CVE-2025-38571 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

5.5CVSS6AI score0.00146EPSS
Exploits0References1
OSV
OSV
added 2025/08/19 5:15 p.m.5 views

UBUNTU-CVE-2025-38571

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

5.5CVSS6AI score0.00146EPSS
Exploits0References30
Cvelist
Cvelist
added 2025/08/19 5:2 p.m.18 views

CVE-2025-38571 sunrpc: fix client side handling of tls alerts

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

0.00146EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/08/19 5:2 p.m.10 views

CVE-2025-38571

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

5.5CVSS5.6AI score0.00146EPSS
Exploits0
CVE
CVE
added 2025/08/19 5:2 p.m.57 views

CVE-2025-38571

The CVE-2025-38571 entry documents a Linux kernel flaw in sunrpc client-side handling of TLS alerts within NFS over TLS. The vulnerability stems from a misassumption that valid data resides in the msghdr iterator’s kvec, which could be exploited by TLS alert handling. The recommended fix reworks ...

5.5CVSS7.3AI score0.00146EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2025/08/19 5:2 p.m.56 views

CVE-2025-38566

CVE-2025-38566 affects the Linux kernel sunrpc tls alert handling in NFS over TLS. The root cause is the kTLS/read path interaction with TLS control messages and TLS alert payloads, where mis-splitting control message data can lead to incorrect processing and potential exploitation. The connected...

7.5CVSS7.3AI score0.00528EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-20322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to...

7.4CVSS6.5AI score0.06846EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-52577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccpv4err/dccpv6err again dh-dccphx is the 9th byte offset 8 in struct dccphdr, no...

5.5CVSS4.9AI score0.00229EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.3 views

PT-2025-33765

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A security issue was identified in the Linux kernel related to the handling of server-side TLS alerts within the sunrpc component. The tls alert recv function incorrectly assumed it...

7.8CVSS6.3AI score0.00528EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 2: bind (TSSA-2023:0246)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0246 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

7.5CVSS6.9AI score0.02626EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.13 views

CVE-2023-33044

Transient DOS in Data modem while handling TLB control messages from the Network...

7.5CVSS7AI score0.00515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.4 views

CVE-2020-11157

u'Lack of handling unexpected control messages while encryption was in progress can terminate the connection and thus leading to a DoS' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

7.5CVSS7.8AI score0.00407EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.11 views

CVE-2020-27220

The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configure...

9CVSS7AI score0.01147EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/04 12:0 a.m.6 views

SUSE SLES15 Security Update : openvpn (SUSE-SU-2025:1131-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1131-1 advisory. - CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147 Tenable has extracted the...

9.1CVSS7.8AI score0.00819EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/04/03 1:10 p.m.1 views

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.4CVSS9.4AI score0.00819EPSS
Exploits0References4
Rows per page
Query Builder