Lucene search
K

732 matches found

CVE
CVE
added 4 hours ago37 views

CVE-2026-47703

Summary: CVE-2026-47703 affects AdGuard Home and its DoQ-to-UDP forwarding path. Prior to version 0.107.75, the backend UDP path could collapse the DNS transaction ID (txid) to 0 on client-triggered DoQ queries, reducing the entropy of the backend tuple from (txid, source-port) to only the source...

6.3CVSS6.1AI score0.00047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 13 hours ago3 views

CVE-2026-10846

A flaw was found in ldns. When applications use ldns as a resolver over User Datagram Protocol UDP, it fails to properly match the query's destination address and port with the response's source address and port. Additionally, the query ID and question are not matched with the response. This...

8.2CVSS6.1AI score0.00147EPSS
Exploits0References4
Metasploit
Metasploit
added 5 days ago20 views

FTP Fetch, Windows shellcode stage, Reverse UDP Stager with UUID Support

Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/ftp/x86/custom/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf payloadreverseudp...

6.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 5 days ago8 views

libcurl 8.18.0 < 8.21.0 QUIC UDP Denial of Service (CVE-2026-11352)

The version of libcurl installed on the remote host is 8.18.0 prior to 8.21.0. It is, therefore, affected by a denial of service vulnerability: - An issue in curl's QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client...

7.5CVSS6.4AI score0.0101EPSS
Exploits1References2
CVE
CVE
added 2026/07/07 9:8 p.m.10 views

CVE-2026-55490

OpenWrt OpenWrt (embedded Linux) mediateces: CVE-2026-55490 affects the Emergency Access Daemon’s handle_send_a() where an integer underflow can lead to a pre-auth DoS by an unauthenticated attacker on the local network via a crafted UDP packet. The underflow causes a bounds-check misstep, then a...

6.5CVSS6AI score0.00684EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/07 9:8 p.m.6 views

CVE-2026-55490

OpenWrt is a Linux operating system targeting embedded devices. Before v25.12.5, an integer underflow in handlesenda of the Emergency Access Daemon allows any unauthenticated attacker on the local network to crash the daemon by sending a single crafted UDP packet. The message length underflows...

6.5CVSS6AI score0.00684EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/07/02 4:6 p.m.3 views

EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...

6.3CVSS5.8AI score0.00243EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/02 3:43 p.m.2 views

curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability

A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service DoS against a curl or libcurl client, as the helper function discards zero-length UDP...

7.5CVSS6.1AI score0.0101EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.19 views

PT-2026-55282

Name of the Vulnerable Software and Affected Versions Eclipse Wakaama versions prior to snapshot/2026-05-26 Description An unbounded memory allocation issue exists in the CoAP Block1 handler within the coap/block.c file. Unauthenticated remote attackers can cause a denial of service by sending a...

8.7CVSS6.2AI score0.00555EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54076

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the QUIC protocol implementation. This allows a remote attacker to potentially exploit heap corruption by sending malicious network traffic. Use after...

9.8CVSS6AI score0.00413EPSS
Exploits0References451
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:10 a.m.8 views

udp: clear skb->dev before running a sockmap verdict

...

7.5CVSS5.8AI score0.00506EPSS
Exploits0
OSV
OSV
added 2026/06/26 7:58 p.m.5 views

GHSA-QH5X-RFWF-RVFV Hysteria vulnerable to server crash when max_datagram_frame_size very small

Summary An authenticated client can crash the Hysteria server by advertising a very small QUIC maxdatagramframesize and then triggering a UDP response from the server. When the server tries to send the UDP response back via QUIC DATAGRAM, quic-go returns DatagramTooLargeError. The server then...

7.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/26 7:48 p.m.5 views

GHSA-VGRC-HQ28-P3XP Hysteria has an authenticated UDP ACL bypass that enables localhost and private-network UDP SSRF

Summary Hysteria's UDP relay treats the destination address as packet-scoped, but ACL and outbound policy are applied only once when a new UDP session is created. After an authenticated client opens a UDP session using an allowed first destination, later packets in the same Session ID can be sent...

7.4CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/26 5:32 p.m.4 views

CVE-2026-48497 Envoy: Abnormal process termination in DNS UDP filter

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...

5.9CVSS6AI score0.00405EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:8 p.m.7 views

CVE-2026-53070

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP over User Datagram Protocol UDP implementation. An issue with managing the transmission context across different processing units could lead to incorrect recursion level detection. This can cause network packets to b...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39326

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

5.7AI score0.00466EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:38 a.m.13 views

CVE-2026-53184

The CVE-2026-53184 issue affects the Linux kernel UDP sockmap path. On UDP receive, skb-&gt;dev is repurposed as dev_scratch; when a SK_SKB verdict program uses BPF socket-lookup helpers (bpf_sk_lookup_tcp/udp, bpf_skc_lookup_tcp), skb-&gt;dev may still hold the dev_scratch value, and dev_net(skb...

7.5CVSS5.7AI score0.00506EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53184

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

7.5CVSS5.7AI score0.00506EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52280

Name of the Vulnerable Software and Affected Versions Linux kernel version 7.1.0-rc6 Description An issue exists in the UDP receive path where the skb-dev field is repurposed as dev scratch via a union in sk buff. When a UDP socket is in a sockmap, the sk psock verdict recv function runs an...

7.5CVSS6AI score0.00506EPSS
Exploits0References20
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-53070

In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udptunnelxmitskb udptunnelxmitskb / udptunnel6xmitskb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...

7.5CVSS0.0035EPSS
Exploits0References4
Rows per page
Query Builder