Lucene search
K

71 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:0 a.m.5 views

CVE-2026-53249

A flaw was found in the Linux kernel's IPv4 networking component. This vulnerability allows an unprivileged application to set specific IP options, namely Loose Source and Record Route LSRR and Strict Source and Record Route SSRR. By exploiting this, an attacker can force network packets to...

7CVSS5.8AI score0.00184EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53219

The CVE-2026-53219 issue affects the Linux kernel netfilter x_tables path. The root cause is that native/compat get-entries copied the fixed rule entry header to userspace before sanitizing and overwriting the counter fields, exposing the percpu allocation address (pcnt) in SMP environments. The ...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all group...

6AI score0.00185EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51714

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ipset component where specific hash set variants—hash:ip,mark, hash:ip,port, hash:ip,port,ip, and hash:ip,port,net—iterate IPv4 ranges using a 32-bit...

6AI score0.00164EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-51968

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bpf prog test run skb function where the system may access ip hdrskb or ipv6 hdrskb even if the provided test input contains only an Ethernet header. This occurs...

4.6CVSS5.9AI score0.00164EPSS
Exploits0References17
Vulnrichment
Vulnrichment
added 2026/06/10 8:27 p.m.8 views

CVE-2026-50131 Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation logic present starting...

8.6CVSS5.4AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 8:17 p.m.12 views

CVE-2026-50127

Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCSRESTRICTPRIVATE did not properly account for some transitional IPv6 ranges, multicast addresses, or some semi-private IPv4 ranges, which allowed some addresses to bypass private range restrictions...

5.9CVSS0.00291EPSS
Exploits0References3
OSV
OSV
added 2026/06/02 8:16 p.m.8 views

DEBIAN-CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

5.9CVSS5.9AI score0.00267EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/29 3:59 p.m.16 views

axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)

Summary shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe still routes through the...

9.9CVSS7.3AI score0.01186EPSS
Exploits2References3Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:3 a.m.7 views

ipv4: icmp: validate reply type before using icmp_pointers

...

8.2CVSS5.4AI score0.00433EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv4, ipv6: Fixed the handling of transhdrlen in ip,6appenddata. Including transhdrlen in the packet length is a problem when the packet is partially filled e.g., a sendMSGMORE operation occurred previously when appending to a...

5.5CVSS5.5AI score0.00226EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ip6errgenicmpv6unreach function failing to clear the cb array of skb2, which results in the IPv4 cb...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/29 12:41 p.m.6 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/24 12:25 p.m.28 views

CVE-2026-5265 Ovn: ovn: heap over-read in icmp error response generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS0.00629EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/04/24 12:25 p.m.4 views

CVE-2026-5265 Ovn: ovn: heap over-read in icmp error response generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.4AI score0.00629EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.12 views

EspoCRM 代码问题漏洞

EspoCRM is an open-source, web-based Customer Relationship Management system CRM developed by EspoCRM. This system offers features such as sales automation, community management, and customer support. Versions of EspoCRM 9.3.3 and earlier contained code vulnerabilities. These vulnerabilities...

4.3CVSS5.9AI score0.01978EPSS
Exploits5References4
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.6 views

PT-2026-32508

EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have an authenticated Server-Side Request Forgery SSRF vulnerability that allows bypassing the internal-host validation logic by using alternative IPv4 representations such as octal notation e.g.,...

6.5CVSS5.8AI score0.01978EPSS
Exploits5References4
OSV
OSV
added 2026/04/10 10:16 p.m.3 views

UBUNTU-CVE-2026-40199

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...

6.5CVSS5.8AI score0.00309EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/04/04 6:10 a.m.8 views

Directus: SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import

Summary A Server-Side Request Forgery SSRF protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be circumvented using IPv4-Mapped IPv6 address notation. Details Directus implements an IP deny-li...

7.7CVSS5.8AI score0.00336EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/24 4:48 p.m.3 views

SUSE-SU-2026:20852-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS5.9AI score0.00278EPSS
Exploits0References13
Rows per page
Query Builder