Lucene search
K

121 matches found

Cvelist
Cvelist
added 2026/06/25 8:38 a.m.27 views

CVE-2026-53176 IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN

In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISERHEADERSLEN In drivers/infiniband/ulp/isert/ibisert.c, isertloginrecvdone computes the login request payload length as wc-bytelen minus ISERHEADERSLEN with no lower bound, and loginreql...

9.8CVSS0.00397EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52272

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iSER iSCSI Extensions for RDMA driver where the isert login recv done function in drivers/infiniband/ulp/isert/ib isert.c fails to validate the lower bound of the...

9.8CVSS5.8AI score0.00397EPSS
Exploits0References14
CVE
CVE
added 2026/06/24 4:29 p.m.15 views

CVE-2026-52989

CVE-2026-52989 affects the Linux kernel nvmet-tcp component. The root cause is that nvmet_tcp_build_pdu_iovec() detects out-of-bounds PDU length/offset but does not propagate the error to callers; it returns void and triggers nvmet_tcp_fatal_error(cmd->queue) without alerting the caller, leavi...

9.8CVSS5.7AI score0.00342EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51883

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the nvmet-tcp component occurs because the nvmet tcp build pdu iovec function does not propagate errors to its callers when detecting out-of-bounds PDU Protocol Data Unit lengt...

9.8CVSS6AI score0.00342EPSS
Exploits0References12
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fixed handling of MSDU buffer types in the RX error path. Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type packets...

5.4AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fixed a kernel panic that occurs when the host sends an invalid H2C PDU length. If the host sends an H2CData command with an invalid DATAL value, the kernel may crash in the nvmettcpbuildpduiovec function. The...

5.5CVSS5.7AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in ofono

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

7.8CVSS7.5AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in ofono

oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

7.8CVSS7.5AI score0.00291EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:20 a.m.13 views

EUVD-2026-35353

A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables segmentation via chanops.allocbuf and the chosen RX pool has a userdatasize smaller than 2 bytes, the segmentation counter stored in t...

7.6CVSS5.5AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.8 views

CVE-2026-7183

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rlspdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be...

6.9CVSS5.4AI score0.00405EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 6:31 p.m.10 views

EUVD-2026-33696

FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...

7.5CVSS5.9AI score0.00428EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Garmin WDU 安全漏洞

Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic equipment. Versions 1.1.6 and 2.5.0 of Garmin WDU contain security vulnerabilities. These vulnerabilities stem from allowing reflective cross-site scripting attacks...

5CVSS5.9AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.15 views

Garmin WDU 安全漏洞

Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic devices. Versions 1.1.6 and 2.5.0 of Garmin WDU contain security vulnerabilities. These vulnerabilities stem from the ability to allow symbolic link attacks, which...

7.5CVSS5.8AI score0.00387EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.14 views

PT-2026-39565

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsm build pdu session establishment accept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be...

5.3CVSS5.5AI score0.00461EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.3 views

CVE-2025-46115

An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request...

5.3AI score0.00313EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.35 views

CVE-2025-46115

An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request...

0.00313EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

Open5GS 输入验证错误漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Version 2.7.3 of Open5GS contains a vulnerability related to input validation errors. This vulnerability stems from specially crafted PDU session modification requests,...

7.5CVSS5.8AI score0.00313EPSS
Exploits0References1
NVD
NVD
added 2026/04/27 11:16 p.m.4 views

CVE-2026-7183

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rlspdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be...

6.9CVSS0.00405EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/04/23 8:9 a.m.6 views

Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop

...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/22 7:35 p.m.4 views

CVE-2026-31498

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol implementation. A remote attacker could exploit this by sending a malformed configuration request with a zero-valued maximum PDU Protocol Data Unit size. This could lead to an infinite loop,...

6.1CVSS5.4AI score0.00123EPSS
Exploits0References4
Rows per page
Query Builder