CVE-2026-52721 Gstreamer1-plugins-bad-free: gstreamer: multiple out-of-bounds reads in pcapparse ipv4/tcp header parsing

Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could...

CVE-2026-52721

CVE-2026-52721 concerns GStreamer’s pcapparse element (in gstreamer1-plugins-bad-free). The issue involves multiple out-of-bounds reads during IPv4/TCP header parsing when processing malformed PCAP records. The vulnerability could allow a local attacker to trigger a crash or information disclosur...

ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

EUVD-2026-31403

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

Fleet 安全漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.80.1 contained security...

OVN 安全漏洞

OVN is an open-source data center virtualization platform based on virtual network technology. OVN has a security vulnerability that arises from the lack of verification of the total length of the IP header declaration and the actual packet buffer size when generating ICMP error responses. This c...

CVE-2026-31472

CVE-2026-31472 concerns the Linux kernel, specifically the xfrm/ IPTFS path. A crafted ESP packet with an inner IPv4 header can cause an infinite loop in __input_process_payload() if the inner header has tot_len=0 or malformed ihl. The fix adds validation to reject inner packets where tot_len &lt...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-50033)

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

DEBIAN-CVE-2024-50033

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

AZL-51153 CVE-2024-50033 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

The vulnerability of the gso component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the gso component in Linux operating systems is related to the absence of an external header called ip. Exploiting this vulnerability can allow a perpetrator to cause a service failure...

SUSE CVE-2020-17438

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafti...

CVE-2021-31890

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions, SIMOTICS CONNECT 400 All versions V0.5.0.0, SIMOTICS CONNECT 400 All versions V1.0.0.0. The total length of an TCP...

PT-2021-6894 · Mentor Graphics +1 · Nucleus Net +10

Name of the Vulnerable Software and Affected Versions: Capital Embedded AR Classic 431-422 versions prior to V2303 Capital Embedded AR Classic R20-11 versions prior to V2303 PLUSCONTROL 1st Gen versions prior to the fixed version SIMOTICS CONNECT 400 versions prior to V0.5.0.0 SIMOTICS CONNECT 40...

Contiki Buffer Error Vulnerability

Contiki is an open source cross-platform operating system for IoT Internet of Things devices. Contiki 3.0 suffers from a buffer error vulnerability that stems from an inability to validate the total length of incoming packets specified in its IP header as well as the segmentation offset value...

Code Execution Vulnerability in PHP7CMS Frontend

PHP7 content management system referred to as PHP7CMS by Chunjie studio using PHP7 technology newly developed content management program. A code execution vulnerability exists in the frontend of PHP7CMS. The vulnerability is due to the IP header of PHP7CMS is written to the log file without being...

Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability

The Cisco Aironet 1800 Series Access Point is a small to medium-sized wireless network access point product. The Cisco Aironet 1800 Series Access Point devices have a security vulnerability in the IP incoming packet processor due to the IP packet header not being properly input validated. It coul...