Lucene search
K

159 matches found

EUVD
EUVD
added 2026/07/03 12:56 p.m.6 views

EUVD-2026-41541

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add passes the prefix string to the trie builder addPrefixToTrie without checking it against the address width. addPrefixToTrie then walks the prefix buffer by prefixlength bits, reading...

6AI score0.00537EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:6 a.m.2 views

nexthop: fix IPv6 route referencing IPv4 nexthop

...

5.5CVSS6.1AI score0.00185EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.6 views

SUSE CVE-2026-53238

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.8AI score0.00128EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52333

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netlabel component where the netlbl unlabel addrinfo get function fails to independently validate the length of the mask attribute. While the function uses the...

5.5CVSS6.1AI score0.00128EPSS
Exploits0References21
NVD
NVD
added 2026/06/24 5:17 p.m.4 views

CVE-2026-53074

In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...

0.00164EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53012 nexthop: fix IPv6 route referencing IPv4 nexthop

In the Linux kernel, the following vulnerability has been resolved: nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all groups containing this nexthop is not updated. This is because...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.9 views

PT-2026-55981

Name of the Vulnerable Software and Affected Versions Hugo versions 0.162.0 through 0.163.0 Description The default security.http.urls policy fails to properly block requests to loopback, internal, and cloud-metadata IPv4 literals because the deny rule only matches dotted-decimal notation...

7.7CVSS6.1AI score0.00208EPSS
Exploits0References14
Fedora
Fedora
added 2026/06/17 8:44 a.m.14 views

[SECURITY] Fedora 44 Update: bird-3.3.1-1.fc44

BIRD is a dynamic IP routing daemon supporting both, IPv4 and IPv6, Border Gateway Protocol BGPv4, Routing Information Protocol RIPv2, RIPng, Open Shortest Path First protocol OSPFv2, OSPFv3, Babel Routing Protocol Babel, Bidirectional Forwarding Detection BFD, IPv6 router advertisements, static...

5.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.13 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.3AI score0.00188EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/11 3:29 p.m.9 views

EUVD-2026-36255

Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe...

8.6CVSS5.5AI score0.00889EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

Axios 代码问题漏洞

Axios is an open-source HTTP client developed by Axios, based on Promise a solution for asynchronous programming. There were code-related vulnerabilities in versions of Axios before 0.32.0 and 1.16.0. These vulnerabilities stemmed from unnormalized IPv4-to-Ipv6 address mappings, which could lead ...

8.6CVSS5.3AI score0.00889EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.10 views

CVE-2026-8369

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

6CVSS5.5AI score0.00162EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/04 3:52 p.m.10 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.4AI score0.00563EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 a.m.11 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

6.4AI score0.00565EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.13 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021629 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general...

5.5CVSS6AI score0.00258EPSS
Exploits0References3
Fedora
Fedora
added 2026/05/19 4:1 p.m.16 views

[SECURITY] Fedora 43 Update: perl-Net-CIDR-Lite-0.24-1.fc43

Faster alternative to Net::CIDR when merging a large number of CIDR address ranges. Works for IPv4 and IPv6 addresses...

6.5CVSS5.8AI score0.00311EPSS
Exploits0
Fedora
Fedora
added 2026/05/15 8:57 p.m.15 views

[SECURITY] Fedora 44 Update: perl-Net-CIDR-Lite-0.24-1.fc44

Faster alternative to Net::CIDR when merging a large number of CIDR address ranges. Works for IPv4 and IPv6 addresses...

6.5CVSS5.8AI score0.00311EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/13 1:36 p.m.68 views

CVE-2026-8369 Improper Input Validation in OpenThread NAT64 Translator

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

6CVSS0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 1:36 p.m.10 views

CVE-2026-8369 Improper Input Validation in OpenThread NAT64 Translator

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

6CVSS5.8AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 8:20 a.m.40 views

CVE-2025-40833

The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system...

8.7CVSS0.00324EPSS
Exploits0References1
Rows per page
Query Builder