Lucene search
K

718 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A guest can force the Linux netback driver to consume a large amount of kernel memory. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Incoming data packets for a guest in the Linux kernel’s netback driver are buffere...

6.5CVSS6.6AI score0.00325EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nbd: restricts sockets to TCP and UDP Recently, syzbot began abusing NBD using various types of sockets. The commit cf1b2326b734 “nbd: verify that sockets are supported during setup” ensured that the socket supported a shutdown...

5.9AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: UDP: The auto-bound connected sockets’ hash values are unhashed when they are disconnected from the network. Suppose we bind an UDP socket to a wildcard address with a non-zero port, then connect it to a specific address, and lat...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Memcached

Memcached 1.6.7 allows a Denial of Service attack through multi-packet uploads in UDP...

7.5CVSS6.5AI score0.00912EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RuggedCom Rox Integer Underflow (Wrap or Wraparound) (CVE-2019-14199)

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an udppackethandler call. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

9.8CVSS6.8AI score0.02331EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Siemens RuggedCom Rox Integer Underflow (Wrap or Wraparound) (CVE-2019-14192)

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

9.8CVSS6.8AI score0.02666EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.10 views

netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

A flaw was found in Netty's DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator PRNG for DNS transaction IDs and a static User Datagram Protocol UDP source port. This combination significantly reduces the randomness of DNS queries, making...

6.8CVSS5.3AI score0.00256EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 1:24 p.m.6 views

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

7.8CVSS5.3AI score0.00227EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 12:5 p.m.7 views

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

7.8CVSS5.4AI score0.00227EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 4:53 p.m.18 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS5.8AI score0.01263EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.7 views

FreeBSD : FreeBSD -- Insufficient response validation in the ldns stub resolver (fc0c7763-6477-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fc0c7763-6477-11f1-958d-bc241121aa0a advisory. When used as a stub resolver over UDP, ldns failed to verify that a received response belonged to the...

8.2CVSS5.6AI score0.00147EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-10846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and...

8.2CVSS5.8AI score0.00147EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 6:37 a.m.7 views

CVE-2026-10846 Insufficient verification that responses belong to a query

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS5.4AI score0.00147EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 4:0 p.m.4 views

UBUNTU-CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS5.3AI score0.00147EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.5 views

FreeBSD Security Advisory - FreeBSD-SA-26:36.ldns

FreeBSD Security Advisory - When used as a stub resolver over UDP, ldns failed to verify that a received response belonged to the outstanding query. It did not check that the response source address and port matched the query destination, that the transaction ID matched, or that the question...

8.2CVSS5.4AI score0.00147EPSS
Exploits0
OSV
OSV
added 2026/06/08 9:16 a.m.7 views

ALPINE-CVE-2026-3238

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

7.5CVSS5.5AI score0.02669EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

NLnet Labs Routinator 安全漏洞

NLnet Labs Routinator is an open-source RPKI routing origin verification service developed by NLnet Labs. There is a security vulnerability in NLnet Labs Routinator, which may lead to crashes when encountering files defined using a special document type via RRDP...

8.7CVSS5.3AI score0.00358EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/06 2:17 p.m.64 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.72253EPSS
Exploits31
GithubExploit
GithubExploit
added 2026/06/06 1:29 p.m.56 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.72253EPSS
Exploits31
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.8 views

CVE-2026-9054

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

9.2CVSS5.5AI score0.00291EPSS
Exploits0References1
Rows per page
Query Builder