2561 matches found
CVE-2026-6535
A flaw was found in Wireshark's dissection engine. A remote attacker could exploit this vulnerability by sending a specially crafted packet. This could trigger a zlib decompression crash, leading to a denial of service and making the application unresponsive or causing it to terminate unexpectedl...
CVE-2026-6537
A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the ZigBee protocol dissector by crafting a malicious packet. This could lead to a crash of the Wireshark application, resulting in a denial of service DoS for the user. Mitigation To mitigate this issue, users can...
CVE-2025-63547
CVE-2025-63547 concerns Eprosima Micro-XRCE-DDS Agent v3.0.1. The issue allows a remote attacker to cause a denial of service by sending a crafted packet that targets the MTU length field. Affected software is the Micro-XRCE-DDS Agent (v3.0.1) developed by Eprosima; the root cause and exact vulne...
CVE-2025-63547
An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted packet to the MTU length field...
CVE-2025-63548
An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet specially crafted to bear a non-valid value in any Boolean field...
PT-2026-36524
Name of the Vulnerable Software and Affected Versions Eprosima Micro-XREC-DDS Agent version 3.0.1 Description A remote attacker can cause a denial of service by sending a crafted packet to the MTU length field. Recommendations At the moment, there is no information about a newer version that...
CVE-2025-63548
The CVE-2025-63548 entry concerns Eprosima Micro-XREC-DDS Agent v3.0.1. The issue allows a remote attacker to cause a denial of service by sending a packet with a non-valid value in any Boolean field. The NVD metrics indicate a Network attack vector, low complexity, no privileges, and an Availabi...
Wireshark 2.0.x < 2.0.4 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.4 advisory. - epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the...
CVE-2026-7424
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...
CVE-2026-40613 Coturn: Misaligned Memory Access in coturn STUN Attribute Parser (Remote DoS on ARM64)
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8t to uint16t without alignment checks. When processing a crafted STUN message with odd-aligned attribute boundaries, thi...
EUVD-2026-24228
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8t to uint16t without alignment checks. When processing a crafted STUN message with odd-aligned attribute boundaries, thi...
JLSEC-2026-173
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service daemon exit via a short timestamp. This is related to schemainit.c and checkTime...
EUVD-2026-23753
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet...
CVE-2026-32960
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet...
CVE-2026-32960
CVE-2026-32960 affects SD-330AC and AMC Manager by silex technology, Inc. Affected: SD-330AC and AMC Manager. Issue: sensitive information remains in a resource not removed before reuse, enabling an attacker to login without a password by sending a crafted packet. Impact (per provided metrics): C...
CVE-2026-32960
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet...
PT-2026-33698
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet...
CVE-2026-34232
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the iscargcstring type when decoding an opresponse packet, causing a server crash when one is encountered in the status vector. An...
CVE-2026-33337
Firebird vulnerability CVE-2026-33337 affects the xdr_datum() deserialization path when processing slice packets. In versions prior to 5.0.4, 4.0.7 and 3.0.14, a cstring length is not validated against the slice descriptor bounds, allowing a crafted slice packet to overflow the allocated buffer. ...
CVE-2026-28212 Firebird has potential server crash via null pointer dereference when processing op_slice packet
Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an opslice network packet, the server passes an unprepared structure containing a null pointer to the SDLinfo function, resulting in a null pointer dereference an...