Lucene search
K

2087 matches found

NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53228

In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offloads ipip6tunnelxmit caches the inner IPv6 header pointer at function entry and continues using it after iptunnelhandleoffloads. For GSO skbs, iptunnelhandleoffloads calls...

9.8CVSS0.00559EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53249

In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options to users with CAPNETRAW capability. This prevents unprivileged...

2CVSS5.7AI score0.00128EPSS
Exploits0References11
CVE
CVE
added 2026/06/25 8:39 a.m.20 views

CVE-2026-53275

CVE-2026-53275 affects the Linux kernel IPv6 multicast path (net/ipv6/mcast.c) during MLD query processing. A pointer to the multicast group address is captured during initial packet parsing but is not reloaded after skb header changes from pskb_may_pull(), leading to a use-after-free in __mld_qu...

8.8CVSS5.8AI score0.00252EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39226

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD queries When processing an MLD query, a pointer to the multicast group address is retrieved when initially parsing the packet. This pointer is later dereferenced without being...

5.8AI score0.00252EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39210

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

5.7AI score0.00123EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.9 views

EUVD-2026-39200

In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options to users with CAPNETRAW capability. This prevents unprivileged...

5.7AI score0.00128EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.13 views

CVE-2026-53249

CVE-2026-53249 is a Linux kernel vulnerability where the IPOPT_SSRR and IPOPT_LSRR IPv4 options are restricted to CAP_NET_RAW, preventing unprivileged processes from steering packets through attacker-controlled nodes to leak information (e.g., TCP ISN). The issue is patched in multiple OS context...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53214

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.19 views

PT-2026-52623

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A configuration issue occurs when WOLFSSL IP ALT NAME is not defined, leading to a bypass of iPAddress name constraints. In this state, the software fails to enforce IP address constraints se...

7.5CVSS5.7AI score0.00155EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.13 views

CVE-2026-53006

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS0.00377EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38942

In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...

5.7AI score0.00164EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 7:14 a.m.11 views

EUVD-2026-38724

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash: range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last...

5.7AI score0.00164EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52915

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsnr values supplied from userspace. Validate optsnr in the rule setup...

7.1CVSS5.6AI score0.00126EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/24 4:42 a.m.4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.8AI score0.00563EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52131

Name of the Vulnerable Software and Affected Versions Appsmith versions prior to 1.99 Description The 'POST /api/v1/admin/send-test-email' endpoint allows the use of attacker-controlled smtpHost and smtpPort values to establish a raw JavaMail TCP connection. This process bypasses the...

5.1CVSS5.8AI score0.00218EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.16 views

PT-2026-51728

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm espintcp component where the system may reuse an in-progress partial send. Specifically, the espintcp sendmsg function may reinitialize emsg-skmsg and reuse...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2026/06/22 4:35 a.m.5 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.8AI score0.00563EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.12 views

RHEL 8 / 9 : Satellite 6.16.9 Async Update (Important) (RHSA-2026:27076)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27076 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessi...

9.1CVSS7.3AI score0.01557EPSS
Exploits3References20
NVD
NVD
added 2026/06/19 2:16 p.m.11 views

CVE-2026-44046

Use of Less Trusted Source vulnerability in Apache APISIX. Attacker can take advantage of wolf-rbac plugin under default configuration to potentially pollute logs with spoofed identity information and exploit IP based access control rules. This issue affects Apache APISIX: from 1.2.0 through...

5.8CVSS0.00314EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipvlan: Ensure that the network headers are in the skb linear part. syzbot found that ipvlanprocessv6outbound assumes that the IPv6 network header isis present in skb-head 1. Add the necessary pskbnetworkmaypull calls for both...

5.5CVSS6.4AI score0.0018EPSS
Exploits0References2
Rows per page
Query Builder