Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1882 matches found

EUVD
EUVDadded 2026/04/09 9:31 p.m.3 views

EUVD-2026-21180

In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...

6CVSS5.9AI score0.00239EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/09 9:2 p.m.18 views

CVE-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse

In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...

6CVSS0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/09 9:2 p.m.1 views

CVE-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse

In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...

6CVSS5.8AI score0.00239EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/04/09 9:2 p.m.3 views

CVE-2026-5446

In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...

7.1CVSS5.3AI score0.00239EPSS
Exploits0
CNNVD
CNNVDadded 2026/04/09 12:0 a.m.4 views

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from a heap buffer overflow issue in the processing of DTLS 1.3 ACK messages...

9.8CVSS6AI score0.00446EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/04/08 12:0 a.m.0 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006691)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006691 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk =...

5.5CVSS6.1AI score0.00143EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2026/04/03 11:28 p.m.4 views

SUSE CVE-2026-23419

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References15
ATTACKERKB
ATTACKERKBadded 2026/04/03 8:19 p.m.0 views

CVE-2020-37216

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

8.7CVSS6AI score0.00921EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVEadded 2026/04/03 6:31 p.m.2 views

CVE-2026-23439

A flaw was found in the Linux kernel. A privileged local user can exploit a vulnerability in the udptunnel module when IPv6 Internet Protocol version 6 is disabled. This occurs because the udpsockcreate6 function incorrectly returns success without creating a socket, leading to a NULL pointer...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/04/03 6:22 p.m.4 views

CVE-2026-23447

A flaw was found in the USB CDC NCM Network Control Model driver in the Linux kernel. This vulnerability, a bounds-check bug, occurs when processing NCM Datagram Pointer NDP32 frames. It fails to correctly account for the ndpoffset, which can lead to out-of-bounds reads. This could result in...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
Metasploit
Metasploitadded 2026/04/02 7:2 p.m.126 views

HTTP Fetch, Windows Upload/Execute, Reverse UDP Stager with UUID Support

Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/http/x86/upexec/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION ms...

6AI score
Exploits0
Metasploit
Metasploitadded 2026/04/02 7:2 p.m.72 views

HTTP Fetch, Windows shellcode stage, Reverse UDP Stager with UUID Support

Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/http/x86/custom/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf payloadreverseud...

6AI score
Exploits0
SUSE CVE
SUSE CVEadded 2026/04/02 8:37 a.m.2 views

SUSE CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.9AI score0.00994EPSS
Exploits1References9
EUVD
EUVDadded 2026/04/01 3:31 p.m.0 views

EUVD-2026-17881

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.9AI score0.00994EPSS
Exploits1References4
OSV
OSVadded 2026/04/01 2:16 p.m.2 views

DEBIAN-CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.3AI score0.00994EPSS
Exploits1References1
NVD
NVDadded 2026/04/01 2:16 p.m.2 views

CVE-2026-35091

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS0.00867EPSS
Exploits1References17
OSV
OSVadded 2026/04/01 2:16 p.m.2 views

DEBIAN-CVE-2026-35091

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References1
OSV
OSVadded 2026/04/01 2:16 p.m.1 views

UBUNTU-CVE-2026-35091

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/04/01 1:18 p.m.3 views

CVE-2026-35092 Corosync: corosync: denial of service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.9AI score0.00994EPSS
Exploits1References17
ATTACKERKB
ATTACKERKBadded 2026/04/01 1:18 p.m.1 views

CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.8AI score0.00994EPSS
Exploits1References18
Rows per page
Query Builder