Lucene search
+L

399 matches found

ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.14 views

PT-2026-52488

Name of the Vulnerable Software and Affected Versions Zephyr affected versions not specified Description An issue in the IPv6 network stack allows a denial of service by sending a small number of maliciously fragmented IPv6 packets. When the fragment-header processing path handles these packets,...

7.5CVSS6.1AI score0.00278EPSS
Exploits1References7
nessus
nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all group...

5.5CVSS6AI score0.0013EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.9 views

PT-2026-52323

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SIT Simple Internet Tunneling implementation for IPv6. The ipip6 tunnel xmit function caches the inner IPv6 header pointer at the start of the function and continu...

9.8CVSS5.9AI score0.00559EPSS
Exploits0References17
nvd
nvd
added 2026/06/24 5:17 p.m.6 views

CVE-2026-52981

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

7.5CVSS0.00539EPSS
Exploits0References6
osv
osv
added 2026/06/24 7:14 a.m.2 views

CVE-2026-52921 netfilter: ipset: stop hash:* range iteration at end

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash: range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.9 views

PT-2026-51714

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ipset component where specific hash set variants—hash:ip,mark, hash:ip,port, hash:ip,port,ip, and hash:ip,port,net—iterate IPv4 ranges using a 32-bit...

6AI score0.00114EPSS
Exploits0References19
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.10 views

PT-2026-51968

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bpf prog test run skb function where the system may access ip hdrskb or ipv6 hdrskb even if the provided test input contains only an Ethernet header. This occurs...

4.6CVSS5.9AI score0.00164EPSS
Exploits0References17
redhat
redhat
added 2026/06/17 7:31 a.m.5 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS5.4AI score0.0052EPSS
Exploits0References8
redhat
redhat
added 2026/06/16 7:17 p.m.9 views

kernel: netfilter: flowtable: strictly check for maximum number of actions

A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs because the system does not strictly check the maximum number of hardware offload actions for IPv6, allowing it to process more actions than supported. This could potentially lead to system...

7.8CVSS5.4AI score0.00141EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 1:13 p.m.7 views

CVE-2026-10637 Use-after-free of `net_pkt` in IPv6 MLD send path triggerable by a link-local MLD Query

subsys/net/ip/ipv6mld.c:mldsend read the packet interface via netpktifacepkt after netsenddatapkt returned successfully. Per the network stack's ownership contract include/zephyr/net/netcore.h, and the explicit warning in subsys/net/ip/netcore.c:453-460 'do not use pkt after that call', a...

5.9CVSS6.1AI score0.00299EPSS
Exploits1References2
redhat
redhat
added 2026/06/12 7:56 p.m.44 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.6AI score0.00563EPSS
Exploits0References5
susecve
susecve
added 2026/06/12 2:25 a.m.10 views

SUSE CVE-2026-50127

Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCSRESTRICTPRIVATE did not properly account for some transitional IPv6 ranges, multicast addresses, or some semi-private IPv4 ranges, which allowed some addresses to bypass private range restrictions...

5.9CVSS5.2AI score0.00291EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/10 8:27 p.m.9 views

CVE-2026-50131 Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation logic present starting...

8.6CVSS5.4AI score0.00269EPSS
Exploits1References1
nvd
nvd
added 2026/06/10 8:17 p.m.13 views

CVE-2026-50127

Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCSRESTRICTPRIVATE did not properly account for some transitional IPv6 ranges, multicast addresses, or some semi-private IPv4 ranges, which allowed some addresses to bypass private range restrictions...

5.9CVSS0.00291EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/10 7:56 p.m.7 views

CVE-2026-50127 Weblate SSRF: outbound URL guard misses the NAT64 well-known prefix (64:ff9b::/96)

Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCSRESTRICTPRIVATE did not properly account for some transitional IPv6 ranges, multicast addresses, or some semi-private IPv4 ranges, which allowed some addresses to bypass private range restrictions...

5.9CVSS5.3AI score0.00291EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.17 views

Weblate 代码问题漏洞

Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 2026.6 had code-related vulnerabilities. These vulnerabilities stemmed from the improper handling of some transition IPv6 ranges, multicast addresses, and partially...

5.9CVSS5.3AI score0.00291EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/10 12:0 a.m.19 views

PT-2026-48524

Name of the Vulnerable Software and Affected Versions Weblate versions 5.15 through 2026.5 Description Weblate is a web-based localization tool. The VCS RESTRICT PRIVATE setting fails to properly account for certain semi-private IPv4 ranges, multicast addresses, and transitional IPv6 ranges,...

5.9CVSS5.3AI score0.00291EPSS
Exploits0References14
freebsd
freebsd
added 2026/06/09 12:0 a.m.30 views

FreeBSD -- Use-after-free bug in the IPV6_MSFILTER socket option handler

Problem Description: The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed...

7.8CVSS5.5AI score0.00104EPSS
Exploits0
osv
osv
added 2026/06/08 7:0 p.m.10 views

GHSA-3QP7-7MW8-WX86 Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking

Summary An attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo. Valid public IP addresses can bypass the restrictions. Details io.netty.handler.ipfilter.IpSubnetFilterRulecompareTojava.net.InetSocketAddress method performs a bitwise AND...

8.1CVSS5.5AI score0.00573EPSS
Exploits0References5
nvd
nvd
added 2026/06/08 5:16 p.m.18 views

CVE-2026-46310

In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1drmcleanup where it should be calling...

5.5CVSS0.00112EPSS
Exploits0References3
Rows per page
Query Builder