Lucene search
+L

88 matches found

osv
osv
โ€ขadded yesterdayโ€ข6 views

USN-8546-1 linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...

9.8CVSS6.9AI score0.00817EPSS
Exploits9References63
metasploit
metasploit
โ€ขadded 6 days agoโ€ข22 views

FTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline (IPv6)

Fetch and execute an x86 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...

6.2AI score
Exploits0
redhat
redhat
โ€ขadded 2026/07/06 2:33 p.m.โ€ข4 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
osv
osv
โ€ขadded 2026/06/25 11:55 a.m.โ€ข2 views

SUSE-SU-2026:2631-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed wo...

9.8CVSS6.7AI score0.0053EPSS
Exploits1References45
euvd
euvd
โ€ขadded 2026/06/24 7:14 a.m.โ€ข14 views

EUVD-2026-38724

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash: range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last...

5.7AI score0.00114EPSS
Exploits0References8
cvelist
cvelist
โ€ขadded 2026/06/16 9:3 p.m.โ€ข41 views

CVE-2026-11409 OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...

8.5CVSS0.02787EPSS
Exploits0References3
nessus
nessus
โ€ขadded 2026/06/10 12:0 a.m.โ€ข11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the clean...

5.5CVSS6AI score0.00112EPSS
Exploits0References2
redhat
redhat
โ€ขadded 2026/06/04 3:52 p.m.โ€ข19 views

kernel: ipv6: use RCU in ip6_output()

A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

5.8AI score0.00212EPSS
Exploits0References5
debiancve
debiancve
โ€ขadded 2026/05/27 12:56 p.m.โ€ข9 views

CVE-2026-46037

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: validate reply type before using icmppointers Extended echo replies use ICMPEXTECHOREPLY as the outbound reply type. That value is outside the range covered by icmppointers, which only describes the traditional ICMP...

8.2CVSS5.7AI score0.00433EPSS
Exploits0
astralinux
astralinux
โ€ขadded 2026/05/20 5:53 a.m.โ€ข10 views

Astra Linux โ€“ Vulnerability in open-iscsi

A issue was discovered in Contiki through version 3.0. An integer overflow exists in the uIP TCP/IP stack component when parsing TCP MSS options for IPv4 network packets in the uipprocess function in net/ipv4/uip.c...

7.5CVSS7.3AI score0.03912EPSS
Exploits0References2
astralinux
astralinux
โ€ขadded 2026/05/20 5:53 a.m.โ€ข6 views

Astra Linux โ€“ Vulnerability in Linux

In the IPv4 implementation in the Linux kernel before 5.12.4, the net/ipv4/route.c file has an information leak because the hash table is very small...

3.5CVSS6.2AI score0.00368EPSS
Exploits0References2
osv
osv
โ€ขadded 2026/05/19 12:0 a.m.โ€ข21 views

ALSA-2026:19353 Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path...

9.1CVSS7AI score0.00651EPSS
Exploits1References18
osv
osv
โ€ขadded 2026/05/15 5:41 p.m.โ€ข7 views

GHSA-P6V2-XCPG-H6XW Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation

Am I affected? Users are affected if all of the following are true: - Their app uses better-auth at a version 1.4.17, or at a v1.5 prerelease tagged = 1.5.0-beta.8. - The apps authentication endpoints serve clients reachable over IPv6. Most managed hosts including Cloudflare, Vercel, Fly.io, AWS...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References7
redhatcve
redhatcve
โ€ขadded 2026/05/14 7:58 p.m.โ€ข11 views

CVE-2026-0243

A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...

7.1CVSS5.8AI score0.00173EPSS
Exploits0References1
redhatcve
redhatcve
โ€ขadded 2026/05/06 9:8 p.m.โ€ข32 views

CVE-2026-43198

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS5.8AI score0.00298EPSS
Exploits0References4
redhatcve
redhatcve
โ€ขadded 2026/05/06 6:27 p.m.โ€ข13 views

CVE-2026-43139

A flaw was found in the Linux kernel's xfrm6 subsystem. This vulnerability occurs because the xfrm6getsaddr function does not properly check the return value of ipv6devgetsaddr. This oversight can result in an uninitialized source address being used, potentially leading to system instability or a...

8.6CVSS5.8AI score0.00375EPSS
Exploits0References4
debiancve
debiancve
โ€ขadded 2026/05/06 7:40 a.m.โ€ข29 views

CVE-2026-43101

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix potential NULL dereferences in ioam6filltracedata We need to check in6devget for possible NULL value, as suggested by Yiming Qian. Also add skbdstdevrcu instead of skbdstdev, and two missing READONCE. Note that @d...

7.5CVSS5.7AI score0.00426EPSS
Exploits0
susecve
susecve
โ€ขadded 2026/05/06 1:41 a.m.โ€ข15 views

SUSE CVE-2026-43037

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...

7.5CVSS5.8AI score0.00563EPSS
Exploits0References28
cvelist
cvelist
โ€ขadded 2026/05/01 2:15 p.m.โ€ข38 views

CVE-2026-43057 net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback

In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...

7.5CVSS0.00389EPSS
Exploits0References6
attackerkb
attackerkb
โ€ขadded 2026/04/10 9:42 p.m.โ€ข3 views

CVE-2026-40198

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

6.3CVSS6.6AI score0.00493EPSS
Exploits0References4
Rows per page
Query Builder