Lucene search
+L

197 matches found

nessus
nessus
added 6 days ago9 views

EulerOS 2.0 SP12 : busybox (EulerOS-SA-2026-2581)

According to the versions of the busybox packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : BusyBox wget thru 1.3.7 accepted raw CR 0x0D/LF 0x0A and other C0 control bytes in the HTTP request- target path/query, allowing the request line...

8.8CVSS7.3AI score0.00375EPSS
Exploits1References3
githubexploit
githubexploit
added 2026/05/31 9:11 a.m.97 views

Exploit for CVE-2026-8836

CVE-2026-8836 — lwIP SNMPv3 Stack Overflow PoC Proof of conce...

10CVSS7.7AI score0.01016EPSS
Exploits1
packetstormnews
packetstormnews
added 2026/05/11 12:0 a.m.10 views

Key Encapsulation Mechanism-Based Integrated Encryption Scheme (KEM-IES)

The Elliptic Curve Integrated Encryption Scheme ECIES is widely regarded as a practical method and has been adopted by multiple standards. However, the advancement of quantum computing technologies poses potential security risks to ECIES. Therefore, this study proposes a Key Encapsulation...

5.7AI score
Exploits0
nessus
nessus
added 2026/05/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-29004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c...

8.8CVSS6.5AI score0.00375EPSS
Exploits0References3
osv
osv
added 2026/05/04 6:16 p.m.5 views

DEBIAN-CVE-2026-29004

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

7.2CVSS6.5AI score0.00375EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/04 6:5 p.m.12 views

CVE-2026-29004 BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

8.1CVSS6.5AI score0.00375EPSS
Exploits0References5
debiancve
debiancve
added 2026/05/04 6:5 p.m.7 views

CVE-2026-29004

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

8.8CVSS6.5AI score0.00375EPSS
Exploits0
attackerkb
attackerkb
added 2026/05/04 6:5 p.m.4 views

CVE-2026-29004

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

8.1CVSS6.5AI score0.00375EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/05/04 12:0 a.m.8 views

PT-2026-36890

Name of the Vulnerable Software and Affected Versions BusyBox versions prior to commit 42202bf Description A heap buffer overflow exists in the DHCPv6 client udhcpc6 DNS SERVERS option handler within the networking/udhcp/d6 dhcpc.c file. Network-adjacent attackers can trigger memory corruption by...

8.1CVSS6.5AI score0.00375EPSS
Exploits0References23
euvd
euvd
added 2026/05/01 3:59 p.m.7 views

EUVD-2026-26663

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

8.1CVSS5.8AI score0.00346EPSS
Exploits0References1
cve
cve
added 2026/05/01 12:0 a.m.68 views

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow in firmware image parsing: elf_loader.c multiplies two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded targets (e.g., STM32MP1, Zynq, i.MX), large inputs can wrap the product to a small ...

9.8CVSS5.9AI score0.00253EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2026/05/01 12:0 a.m.4 views

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

8.4CVSS5.9AI score0.00253EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/05/01 12:0 a.m.16 views

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

8.4CVSS5.9AI score0.00253EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/01 12:0 a.m.41 views

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

8.4CVSS0.00253EPSS
Exploits0References3
cvelist
cvelist
added 2026/04/21 11:58 p.m.32 views

CVE-2026-41144 F´ (F Prime) has Integer Overflow in FileUplink

F´ F Prime is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize fileSize uses U32 addition that wraps around on overflow. An attacker-crafted DataPacket with...

0.00428EPSS
Exploits0References2
euvd
euvd
added 2026/04/17 11:51 p.m.8 views

EUVD-2026-23603

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

5.1CVSS5.8AI score0.00155EPSS
Exploits0References3
euvd
euvd
added 2026/02/14 4:27 p.m.17 views

EUVD-2026-5847

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

5.2AI score0.001EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/01/06 7:15 p.m.191 views

Exploit for CVE-2020-98765

FirmwareForge - Advanced Firmware & Hardware Exploitation Tool...

8.8AI score
Exploits2
packetstormnews
packetstormnews
added 2025/11/30 12:0 a.m.5 views

Deterministic Random Bit Generators Based on Ascon for Embedded Systems

As the Deterministic Random Bit Generator DRBG serves as a fundamental component in random number generation and cryptographic applications, its performance and security are particularly critical in resource-constrained embedded systems, where memory capacity and computational efficiency are...

7.1AI score
Exploits0
cnnvd
cnnvd
added 2025/11/22 12:0 a.m.7 views

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL that stems from the fact that any weaker digest algorithm can be used by the client when connecting using...

5.4CVSS6.5AI score0.00127EPSS
Exploits0References3
Rows per page
Query Builder