13142 matches found

RedhatCVE
added 2026/06/24 1:56 a.m. | 10 views

CVE-2026-56116

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit a memory leak vulnerability in the IPv6 Router Advertisement route information handling. By repeatedly sending specially crafted Router Advertisements with a zero lifetime, the attacker can cause the syst...

CVSS 7.1 | AI score 5.8 | EPSS 0.00187
Exploits 0 | References 5
Cvelist
added 2026/06/23 6:6 p.m. | 39 views

CVE-2026-54323 Daytona: Git credential leak via git clone with TLS verification disabled

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, the daemon's git clone implementation disabled TLS certificate verification. When a clone request carried Git credentials, the daemon sent the HTTP Basic Authorization...

CVSS 5.9 | EPSS 0.00117
Exploits 0 | References 1
Debian CVE
added 2026/06/23 4:14 p.m. | 5 views

CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

CVSS 5.7 | AI score 5.9 | EPSS 0.00093
Exploits 0
EUVD
added 2026/06/23 4:11 p.m. | 6 views

EUVD-2026-38496

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

CVSS 7.1 | AI score 5.8 | EPSS 0.00187
Exploits 0 | References 2
Cvelist
added 2026/06/23 4:11 p.m. | 33 views

CVE-2026-56116 dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

CVSS 7.1 | EPSS 0.00187
Exploits 0 | References 2
EUVD
added 2026/06/23 4:5 p.m. | 5 views

EUVD-2026-38491

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

CVSS 6 | AI score 5.9 | EPSS 0.00175
Exploits 0 | References 2
Positive Technologies
added 2026/06/23 12:0 a.m. | 11 views

PT-2026-51565

Name of the Vulnerable Software and Affected Versions: dhcpcd versions prior to 10.3.2. Description: An issue in the IPv6 Router Advertisement route information handling allows an unauthenticated attacker on the same link to cause a denial of service. By repeatedly sending crafted Router...

CVSS 7.1 | AI score 5.7 | EPSS 0.00187
Exploits 0 | References 4
Tenable Nessus
added 2026/06/23 12:0 a.m. | 5 views

Oracle Solaris Critical Patch Update : jun2026_SRU11_4_93_221_2

The version of Solaris installed on the remote host is prior to 11.4.93.221.2. It is, therefore, affected by multiple vulnerabilities as referenced in the solaris11jun2026SRU114932212 advisory. - Vulnerability in the Oracle Solaris product of Oracle Systems component: Remote Administration Daemon...

CVSS 10 | AI score 6 | EPSS 0.00307
Exploits 0 | References 5
RedHat Linux
added 2026/06/22 5:29 a.m. | 11 views

kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state

A flaw was found in the Linux kernel's libceph OSD client. When a connection fault occurs during a sparse read, the sparse-read state is not properly reset. This allows a misbehaving or compromised Ceph OSD server, or a network adversary, to disrupt traffic. As a result, the client can misinterpr...

CVSS 7.5 | AI score 5.8 | EPSS 0.0028
Exploits 0 | References 5
Debian
added 2026/06/21 6:5 p.m. | 3 views

[SECURITY] [DLA 4639-1] libhttp-daemon-perl security update

Debian LTS Advisory DLA-4639-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón June 21, 2026 https://wiki.debian.org/LTS Package : libhttp-daemon-perl Version : 6.12-1+deb11u2 6.16-1+deb13u1deb12u1 CVE ID : CVE-2026-8450 Debian Bug : 1138050 A flaw was...

CVSS 9.1 | AI score 6 | EPSS 0.01231
Exploits 0
Debian
added 2026/06/21 4:50 p.m. | 13 views

[SECURITY] [DSA 6358-1] libhttp-daemon-perl security update

Debian Security Advisory DSA-6358-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2026 https://www.debian.org/security/faq ...

CVSS 9.1 | AI score 6 | EPSS 0.01231
Exploits 0
Tenable Nessus
added 2026/06/21 12:0 a.m. | 11 views

Debian dsa-6358 : libhttp-daemon-perl - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6358 advisory. Debian Security Advisory DSA-6358-1 [email protected] https://www.debian.org/security/...

CVSS 9.1 | AI score 6.1 | EPSS 0.01231
Exploits 0 | References 4
OSV
added 2026/06/20 6:49 a.m. | 2 views

SUSE-SU-2026:22187-1 Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issue - CVE-2026-8450: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile bsc1266370...

CVSS 9.1 | AI score 5.8 | EPSS 0.01231
Exploits 0 | References 3
Tenable Nessus
added 2026/06/20 12:0 a.m. | 5 views

Fedora 44 : perl-HTTP-Daemon (2026-8982379b5c)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8982379b5c advisory. Changes: 6.17 2026-05-19 23:11:06Z - Fix CVE-2026-8450 affects 6.15 and earlier: 2-arg open in sendfile enabled RCE / arbitrary file write / response-body...

CVSS 9.1 | AI score 6 | EPSS 0.01231
Exploits 0 | References 2
Tenable Nessus
added 2026/06/20 12:0 a.m. | 5 views

SUSE SLED15 / SLES15 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:2442-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2442-1 advisory. - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Tenable has extracted the preceding description...

CVSS 9.1 | AI score 5.9 | EPSS 0.01231
Exploits 0 | References 4
Tenable Nessus
added 2026/06/20 12:0 a.m. | 5 views

Fedora 43 : perl-HTTP-Daemon (2026-f276b2154e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f276b2154e advisory. Changes: 6.17 2026-05-19 23:11:06Z - Fix CVE-2026-8450 affects 6.15 and earlier: 2-arg open in sendfile enabled RCE / arbitrary file write / response-body...

CVSS 9.1 | AI score 6 | EPSS 0.01231
Exploits 0 | References 2
Tenable Nessus
added 2026/06/20 12:0 a.m. | 5 views

SUSE SLES12 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:2408-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2408-1 advisory. - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Tenable has extracted the preceding description block directly from the SUSE...

CVSS 9.1 | AI score 5.9 | EPSS 0.01231
Exploits 0 | References 4
AlpineLinux
added 2026/06/19 7:18 p.m. | 6 views

CVE-2026-48715

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, printff copies up to 2032 bytes from attacker-controlled...

CVSS 8.8 | AI score 6.1 | EPSS 0.00203
Exploits 0 | References 2
AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability in libvirt

A use-after-free flaw was discovered in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting...

CVSS 6.5 | AI score 6.7 | EPSS 0.01217
Exploits 0 | References 1
AstraLinux
added 2026/06/19 11:10 a.m. | 2 views

Astra Linux – Vulnerability in Linux 5.15

An issue was discovered in the Linux kernel before version 6.3.8. The file fs/smb/server/smb2pdu.c in ksmbd contains an integer underflow and an out-of-bounds read during the deassemblenegcontexts function...

CVSS 9.8 | AI score 6.7 | EPSS 0.01129
Exploits 0 | References 2