19 matches found
CVE-2026-45541 ESF-IDF: Remote Null Pointer Dereference in WebSocket Server
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...
CVE-2026-44546 Header injection via WebSocket upgrade parser differential allows ASGI scope header spoofing
daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and calls splitlines. An...
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...
CLSA-2026-1778238329 gnutls: Fix of CVE-2026-33845
CVE-2026-33845: fix DTLS handshake parsing integer underflow leading to OOB read...
CVE-2026-33845 Gnutls: gnutls: denial of service via dtls zero-length fragment
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...
CVE-2026-33845
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...
CVE-2026-33845
The CVE-2026-33845 issue is a GnuTLS DTLS handshake parsing flaw that can trigger an integer underflow during reassembly of malformed DTLS fragments (zero length, non-zero offset), causing an out-of-bounds read. Connected OSV entries indicate affected packages such as rootio-gnutls28 in Root:Debi...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the DTLS handshake parsing process. An attacker can cause an out-of-bounds read and potentially disclose sensitive memory or crash the application by sending specially crafted DTLS handshake...
PT-2026-36149
Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified Description A flaw in DTLS handshake parsing allows malformed fragments with zero length and non-zero offset to cause an integer underflow during reassembly. This leads to an out-of-bounds read, which is...
CVE-2025-62603
Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after the handshake, such as...
MiracleLinux 4 : rh-mysql56-mysql-5.6.37-5.AXS4 (AXSA:2017-2302:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2302:01 advisory. An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote...
PT-2022-36765 · Git +1 · Suricata
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a use-of-uninitialized-value error. The crash occurs in the TLSDecodeHandshakeHello function, which is part of...
CVE-2019-14431
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the...
PT-2019-13692 · Matrixssl · Matrixssl
Name of the Vulnerable Software and Affected Versions: MatrixSSL versions 3.8.3 Open through 4.2.1 Open Description: The issue arises from the DTLS server's mishandling of incoming network messages, leading to a heap-based buffer overflow of up to 256 bytes. This can result in possible Remote Cod...
mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)
An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon...
mysql: integer underflow in get_56_lenc_string() leading to DoS (CPU Apr 2017)
An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon...
Microsoft Windows Secure Channle DoS
Service hangs on SSL/TLS handshake parsing...