11 matches found
CVE-2026-3549
Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving...
OSV-2026-301 Use-of-uninitialized-value in pcpp::IPv6Extension::getExtensionLen
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486705308 Crash type: Use-of-uninitialized-value Crash state: pcpp::IPv6Extension::getExtensionLen pcpp::IPv6Layer::parseExtensions pcpp::IPv6Layer::IPv6Layer...
EUVD-2020-9397
Malware in sbrugna...
CVE-2023-3036
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packe...
CVE-2023-3036
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packe...
CVE-2023-3036 Out of Bounds Slice index in cfnts leads to remote panic
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packe...
SUSE CVE-2014-9750
ntpcrypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service daemon crash via a packet containing an extension field with an invalid value for the length of its value...
SUSE CVE-2020-25112
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet...
CVE-2020-25112
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet...
xorg-x11-server: out of bounds access due to not validating length or offset values in DBE extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client...
xorg-x11-server: out of bounds access due to not validating length or offset values in RandR extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...