Lucene search
K

2299 matches found

Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.14 views

Capacitive Touchscreens at Risk: A Practical Side-Channel Attack on Smartphones Via Electromagnetic Emanations

Capacitive touchscreens in modern smartphones introduce severe side-channel vulnerabilities. However, existing attacks often require restrictive conditions or invasive measurements. This paper presents TESLA, a novel, contactless electromagnetic EM side-channel attack that exploits inherent EM...

5.9AI score
Exploits0
Debian CVE
Debian CVE
added 2026/05/12 8:52 p.m.9 views

CVE-2026-44296

Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service DoS vulnerability affects Deskflow servers running with TLS enabled the default. When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS...

7.5CVSS5.8AI score0.00279EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/11 8:25 p.m.15 views

CVE-2026-42189

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS5.7AI score0.00481EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2026/05/11 12:0 a.m.90 views

📄 OSK Privilege Escalation

This PowerShell script acts as a wrapper/launcher for a compiled Windows exploit binary targeting the OSK On-Screen Keyboard privilege escalation vulnerability. ================================================================================================================================== | Tit...

7.8CVSS6AI score0.03239EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.11 views

OSK ATBroker Registry Security Scanner

This program is a defensive Windows security scanner designed to inspect registry locations related to On-Screen Keyboard osk.exe and Accessibility/ATBroker configuration, which are sometimes abused in privilege escalation or persistence attacks...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/08 8:16 p.m.3 views

DEBIAN-CVE-2026-42189

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS5.4AI score0.00481EPSS
Exploits1References1
NVD
NVD
added 2026/05/08 8:16 p.m.46 views

CVE-2026-42189

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS0.00481EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/05/08 7:49 p.m.7 views

CVE-2026-42189

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/05/08 7:49 p.m.24 views

CVE-2026-42189

CVE-2026-42189 affects the Russh Rust SSH library. A pre-authentication denial-of-service exists in the server keyboard-interactive authentication path: an attacker can trigger an OOM crash by sending a crafted USERAUTH_INFO_RESPONSE with a large n, causing the server to allocate memory for a mas...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References3Affected Software2
EUVD
EUVD
added 2026/05/08 7:49 p.m.30 views

EUVD-2026-28822

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/08 7:49 p.m.8 views

CVE-2026-42189 Russh: Pre-auth DoS via unbounded allocation in keyboard-interactive auth

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/05/08 7:49 p.m.6 views

CVE-2026-42189

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS5.4AI score0.00481EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/08 7:49 p.m.76 views

CVE-2026-42189 Russh: Pre-auth DoS via unbounded allocation in keyboard-interactive auth

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS0.00481EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Russh 安全漏洞

Russh is a Rust SSH client and server library developed by Eugene as a personal project. Versions of Russh prior to 0.60.1 contained security vulnerabilities. These vulnerabilities stemmed from a pre-authentication denial-of-service vulnerability in the server’s keyboard interaction authenticatio...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/05 6:33 p.m.9 views

EUVD-2026-27343

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

6.1CVSS5.7AI score0.00489EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/05 2:41 p.m.10 views

CVE-2026-34002

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References27
ATTACKERKB
ATTACKERKB
added 2026/05/05 2:41 p.m.12 views

CVE-2026-34000

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References28
Debian CVE
Debian CVE
added 2026/05/05 2:41 p.m.2 views

CVE-2026-34000

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

9.1CVSS5.7AI score0.00489EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/05 2:41 p.m.7 views

CVE-2026-34000

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

9.1CVSS5.7AI score0.00489EPSS
Exploits0
OSV
OSV
added 2026/05/03 9:55 a.m.7 views

OESA-2026-2139 xorg-x11-server security update

X.Org X11 X server Security Fixes: A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violation...

9.1CVSS5.9AI score0.00489EPSS
Exploits0References6
Rows per page
Query Builder