Lucene search
K

525387 matches found

EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-41447

An authenticated administrator can trigger a denial-of-service condition in the Fireware Management Web UI by sending malformed or crafted data to the putdata endpoint, which performs unsafe deserialization of the attacker-supplied input...

6.9CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-41457

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...

8.7CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 6 hours ago5 views

EUVD-2026-41440

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score
Exploits0References5
EUVD
EUVD
added 6 hours ago5 views

EUVD-2026-41441

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.3AI score
Exploits0References5
CVE
CVE
added yesterday9 views

CVE-2026-13084

CVE-2026-13084 is a null pointer dereference in WatchGuard Fireware OS iked process that enables remote unauthenticated DoS via specially crafted IKEv2 messages. Affected are Fireware OS versions 11.10.2–11.12.4_Update1, 12.0–12.12, and 2025.1–2026.2; impact is high (CVSS 8.7) with network attack...

8.7CVSS5.8AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-13371

WatchGuard Firebox management UI is affected by CVE-2026-13371 due to unsafe deserialization in the put_data endpoint. An authenticated administrator can exploit crafted input to trigger a denial-of-service in the Fireware Management Web UI. The CVSS metrics indicate network access with high priv...

6.9CVSS5.8AI score
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-50721

CVE-2026-50721 concerns Libreswan where the function RSA_authenticate_hash_signature_raw_rsa() does not properly verify the authentication hash length when the SIG payload of an IKEv1 packet is encoded using PKCS#1 RSA Encryption per RFC 2313. This enables a remote attacker to leverage a Bleichen...

8.1CVSS6.3AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.3AI score
Exploits0References5
CVE
CVE
added yesterday7 views

CVE-2026-50722

Libreswan is affected by CVE-2026-50722 through RSA_authenticate_hash_signature_pkcs1_1_5_rsa, which fails to properly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload uses RSASSA-PKCS1-v1_5 (RFC 8017). This enables a remote attacker to perform a Bleichenbacher-like variati...

8.1CVSS6.3AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score
Exploits0References3Affected Software1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41434

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-41425

Pathway through 0.31.1, fixed in commit d09722e, document store applies a caller-supplied glob pattern to indexed document paths using a hand-written recursive matcher that branches two ways on each token without memoization, giving exponential worst-case complexity. The filepathglobpattern value...

8.7CVSS5.9AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-59094

Pathway through 0.31.1, fixed in commit d09722e, document store applies a caller-supplied glob pattern to indexed document paths using a hand-written recursive matcher that branches two ways on each token without memoization, giving exponential worst-case complexity. The filepathglobpattern value...

8.7CVSS5.9AI score
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-41423

JuiceFS through 1.3.1, fixed in commit a46979c, contains an authentication bypass vulnerability that allows unauthenticated remote attackers to access sensitive debug and metrics endpoints by exploiting improper handler registration on the shared http.DefaultServeMux. Attackers can request the...

7.7CVSS5.9AI score
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-41420

LobeChat before version 2.2.10-canary.15 contains a regular expression denial of service ReDoS vulnerability that allows authenticated attackers to block the Node.js event loop by supplying a catastrophic-backtracking pattern in a GitHub repository URL path during skill import. Attackers can craf...

7.1CVSS5.8AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-58578

LobeChat before version 2.2.10-canary.15 contains a regular expression denial of service ReDoS vulnerability that allows authenticated attackers to block the Node.js event loop by supplying a catastrophic-backtracking pattern in a GitHub repository URL path during skill import. Attackers can craf...

7.1CVSS5.8AI score
Exploits0References5
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-53357

A flaw was found in the Linux kernel's Bluetooth component. A Use-After-Free UAF vulnerability exists in the l2capsockcleanuplisten and l2capconndel functions. This flaw occurs due to a race condition during the cleanup of a listening socket and a concurrent Bluetooth HCI disconnect. An...

7CVSS5.8AI score
Exploits0References4
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-48044

A flaw was found in Envoy, an open source edge and service proxy. A remote attacker can exploit this vulnerability by sending a specially crafted, highly compressed zstd payload to an Envoy proxy with zstd decompression enabled. This can lead to massive memory allocation, causing severe memory...

7.5CVSS5.7AI score0.00486EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added yesterday2 views

CVE-2026-48042

A flaw was found in Envoy, an open-source edge and service proxy. A remote attacker could exploit this vulnerability by sending deeply nested JSON objects to the affected system. This could lead to a stack overflow during the destruction of JSON objects, resulting in a Denial of Service DoS for t...

7.5CVSS5.7AI score0.00557EPSS
Exploits1References5
Rows per page
Query Builder