
16 matches found

RedhatCVE
added 2026/06/01 1:41 p.m. · 9 views

CVE-2026-9759

A flaw was found in the ROHC dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation: If the ROHC protocol dissector is not being used, it can be disabled via the...

CVSS 5.5 · AI score 5.7 · EPSS 0.00092
Exploits: 0 · References: 5

RedhatCVE
added 2026/05/04 7:42 p.m. · 5 views

CVE-2026-6525

A flaw was found in the IEEE 802.11 dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation: If the IEEE 802.11 protocol dissector is not being used, it can be...

CVSS 5.5 · AI score 5.7 · EPSS 0.00181
Exploits: 1 · References: 5

Github Security Blog
added 2026/04/06 6:00 p.m. · 8 views

strawberry-graphql: Authentication bypass via legacy graphql-ws WebSocket subprotocol

Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connection_init handshake has been completed before processing start subscription messages. This allows a remote...

CVSS 7.5 · AI score 5.8 · EPSS 0.00424
Exploits: 0 · References: 6 · Affected Software: 1

Positive Technologies
added 2026/04/06 12:00 a.m. · 1 view

PT-2026-30761

Name of the Vulnerable Software and Affected Versions: Strawberry GraphQL versions through 0.312.3 Description: Strawberry GraphQL is susceptible to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify completion of a connection ini...

CVSS 7.5 · AI score 5.2 · EPSS 0.00424
Exploits: 0 · References: 11

RedhatCVE
added 2026/02/25 6:44 p.m. · 6 views

CVE-2026-3203

A flaw was found in the RF4CE Profile dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a buffer over-read, resulting in a denial of service. Mitigation: If the RF4CE Profile protocol dissector is not being used, it can be disable...

CVSS 7.5 · AI score 5.6 · EPSS 0.00157
Exploits: 1 · References: 5

RedhatCVE
added 2026/02/25 6:34 p.m. · 5 views

CVE-2026-3202

A flaw was found in the NTS-KE dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation: If the NTS-KE protocol dissector is not being used, it can be disabled via...

CVSS 7.5 · AI score 5.4 · EPSS 0.00157
Exploits: 0 · References: 5

OSV
added 2024/10/11 3:15 p.m. · 1 view

UBUNTU-CVE-2024-45403

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, th...

CVSS 7.5 · AI score 5.8 · EPSS 0.00632
Exploits: 0 · References: 6

OSV
added 2024/02/26 4:27 p.m. · 0 views

UBUNTU-CVE-2024-23836

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extrem...

CVSS 7.5 · AI score 5.8 · EPSS 0.01164
Exploits: 0 · References: 29

Positive Technologies
added 2022/09/13 12:00 a.m. · 4 views

PT-2022-4787 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The vulnerability is related to errors in handling input data in the implementation of the TCP/IP protocol in Windows operating systems. This issue allows a remote attacker to execute...

CVSS 10 · AI score 9.7 · EPSS 0.49304
Exploits: 2 · References: 22

Positive Technologies
added 2022/07/01 12:00 a.m. · 4 views

PT-2022-5035 · Hitachi Energy · Hitachi Energy Microscada X Sys600

Name of the Vulnerable Software and Affected Versions: Hitachi Energy MicroSCADA X SYS600 versions 10.2 through 10.3.1 Description: The issue is related to an Improper Input Validation vulnerability in the ICCP stack of Hitachi Energy MicroSCADA X SYS600. This vulnerability can cause a...

CVSS 7.8 · AI score 6.6 · EPSS 0.00635
Exploits: 0 · References: 11

Positive Technologies
added 2022/06/22 12:00 a.m. · 3 views

PT-2022-3088 · Jtekt · Jtekt Toyopuc Plcs

Name of the Vulnerable Software and Affected Versions: JTEKT TOYOPUC PLCs through 2022-04-29 Description: The issue is related to the mishandling of authentication in JTEKT TOYOPUC PLCs. They utilize the CMPLink/TCP protocol, which is configurable on ports 1024-65534 on either TCP or UDP, for...

CVSS 9.1 · AI score 7.6 · EPSS 0.00943
Exploits: 0 · References: 8

Positive Technologies
added 2021/11/16 12:00 a.m. · 2 views

PT-2021-6408 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft App Installer versions prior to 1.21.3421.0 Description: The issue is related to a spoofing vulnerability in the AppX installer that affects Microsoft Windows. This vulnerability can be exploited by attackers using specially crafted...

CVSS 7.6 · AI score 9 · EPSS 0.10295
Exploits: 1 · References: 27

OSV
added 2018/09/25 9:29 p.m. · 1 view

DEBIAN-CVE-2018-11763

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol...

CVSS 5.9 · AI score 6.1 · EPSS 0.51002
Exploits: 0 · References: 1

Elastic
added 2017/11/07 7:02 p.m. · 5 views

Beats 5.6.4 security update

Packetbeat denial of service (ESA-2017-21): Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could...

CVSS 7.5 · AI score 6.7 · EPSS 0.01436
Exploits: 0

Positive Technologies
added 2017/08/05 12:00 a.m. · 3 views

PT-2017-19223 · Sma Solar Technology · Sunny Tripower +3

Name of the Vulnerable Software and Affected Versions: SMA Solar Technology products (affected versions not specified); Sunny Boy versions TLST-21 and TL-21; Sunny Tripower versions TL-10 and TL-30. Description: The SMAdata2+ communication protocol in SMA Solar Technology products does not properly us...

CVSS 8.1 · AI score 7.1 · EPSS 0.00689
Exploits: 0 · References: 5

Tenable Nessus
added 2003/10/25 12:00 a.m. · 38 views

EGP Detection

The remote host is running EGP, an obsolete routing protocol. If possible, this IP protocol should be disabled. See RFC 827 & RFC 888.

AI score 6.9
Exploits: 0