
878 matches found

NVD
added yesterday · 10 views

CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sdp_parse_attribute() accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

7.1 CVSS · 0.0017 EPSS
Exploits 0 · References 1
OSV
added yesterday · 2 views

UBUNTU-CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sdp_parse_attribute() accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

7.1 CVSS · 6 AI score · 0.0017 EPSS
Exploits 0 · References 3
Cvelist
added 2 days ago · 36 views

CVE-2026-10651 Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sdp_parse_attribute() accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

7.1 CVSS · 0.0017 EPSS
Exploits 0 · References 1
Microsoft KB
added 2026/06/09 2:00 p.m. · 39 views

May 12, 2026—Hotpatch KB5087423 (OS Build 26100.32772)

May 12, 2026—Hotpatch KB5087423 OS Build 26100.32772 This update applies to Windows Server 2025 Datacenter & Standard machines connected to Azure Arc. To learn more about differences between security updates, optional non-security preview updates, out-of-band OOB updates, and continuous innovatio...

9.8 CVSS · 7.3 AI score · 0.99962 EPSS
Exploits 63
RedhatCVE
added 2026/06/05 7:30 p.m. · 6 views

CVE-2026-42937

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1 CVSS · 5.5 AI score · 0.00203 EPSS
Exploits 0 · References 1
Vulnrichment
added 2026/06/02 9:22 p.m. · 7 views

CVE-2024-14036 Dräger Core 1.0.5 Denial of Service via Malformed SDC Message

Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...

8.7 CVSS · 5.8 AI score · 0.00284 EPSS
Exploits 0 · References 2
RedhatCVE
added 2026/05/13 8:22 p.m. · 10 views

CVE-2026-34341

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

7 CVSS · 5.8 AI score · 0.00199 EPSS
Exploits 0 · References 1
EUVD
added 2026/05/13 6:30 p.m. · 26 views

EUVD-2026-30009

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1 CVSS · 5.8 AI score · 0.00203 EPSS
Exploits 0 · References 2
Cvelist
added 2026/05/13 2:12 p.m. · 60 views

CVE-2026-42937 iControl REST and tmsh vulnerability

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1 CVSS · 0.00203 EPSS
Exploits 0 · References 1
EUVD
added 2026/05/12 6:30 p.m. · 20 views

EUVD-2026-29600

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

7 CVSS · 5.8 AI score · 0.00199 EPSS
Exploits 0 · References 2
CVE
added 2026/05/12 4:59 p.m. · 20 views

CVE-2026-34341

CVE-2026-34341 is a Windows LLDP (Link-Layer Discovery Protocol) vulnerability described as a double free in LLDP that allows an authenticated, local attacker to gain elevated privileges. The connected documents confirm the issue and impact (local privilege escalation) but do not provide concrete...

7 CVSS · 5.8 AI score · 0.00199 EPSS
Exploits 0 · References 1 · Affected Software 14
Microsoft CVE
added 2026/05/12 2:00 p.m. · 10 views

Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

7 CVSS · 5.8 AI score · 0.00199 EPSS
Exploits 0
Cvelist
added 2026/04/27 11:24 p.m. · 28 views

CVE-2026-41372 OpenClaw < 2026.4.2 - Loopback Protection Bypass via Trailing-Dot Localhost in CDP Discovery

OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses returning localhost. to retarget authenticated browser control toward localhost endpoints and expose...

6.9 CVSS · 0.00251 EPSS
Exploits 0 · References 3
ATTACKERKB
added 2026/04/22 7:40 p.m. · 4 views

CVE-2026-34063

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. The handler assumes there is at most one inbound and one outbound discovery substream per connection. If a remote peer...

7.5 CVSS · 5.8 AI score · 0.00352 EPSS
Exploits 0 · References 5 · Affected Software 1
Positive Technologies
added 2026/04/22 12:00 a.m. · 7 views

PT-2026-34544

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. The handler assumes there is at most one inbound and one outbound discovery substream per connection. If a remote peer...

7.5 CVSS · 5.8 AI score · 0.00352 EPSS
Exploits 0 · References 7
CNVD
added 2026/04/21 12:00 a.m. · 5 views

Microsoft Windows SSDP Elevation of Privilege Vulnerability

Microsoft Windows SSDP is a simple service discovery provider program from Microsoft USA. Microsoft Windows SSDP suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7 CVSS · 5.8 AI score · 0.00164 EPSS
Exploits 0
EUVD
added 2026/04/14 6:30 p.m. · 3 views

EUVD-2026-22515

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

7 CVSS · 5.9 AI score · 0.002 EPSS
Exploits 0 · References 2
CVE
added 2026/04/14 4:58 p.m. · 19 views

CVE-2026-32068

CVE-2026-32068 impacts Windows SSDP service, enabling local elevation of privilege via the Simple Search and Discovery Protocol. The issue is local, requires low privileges, and does not require user interaction. CVSS v3.1 base score 7.0 (HIGH) with HIGH impact on confidentiality, integrity, and ...

7 CVSS · 5.9 AI score · 0.00164 EPSS
Exploits 0 · References 1 · Affected Software 14
Vulnrichment
added 2026/04/14 4:58 p.m. · 4 views

CVE-2026-32068 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

7 CVSS · 5.8 AI score · 0.00164 EPSS
Exploits 0 · References 1
Vulnrichment
added 2026/04/14 4:57 p.m. · 3 views

CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

7 CVSS · 5.8 AI score · 0.002 EPSS
Exploits 0 · References 1