Lucene search
+L

1708 matches found

CVE
CVE
added 2026/05/26 12:56 p.m.86 views

CVE-2026-48132

The CVE-2026-48132 entry describes a vulnerability in Security Gateway where length values in certain IKE packets over NAT-T (UDP/4500) are not validated correctly. This can cause the VPN processing service to terminate unexpectedly, resulting in a denial-of-service (temporary interruption of VPN...

8.1CVSS5.8AI score0.02139EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 12:56 p.m.50 views

CVE-2026-48132 VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP

The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...

8.1CVSS0.02139EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 3:26 a.m.24 views

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

7.8CVSS7.7AI score0.00651EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Check Point Security Gateway 安全漏洞

Check Point Security Gateway is a series of network security gateway devices developed by Check Point Corporation in Israel. There is a security vulnerability in Check Point Security Gateway, which stems from incorrect validation of length values in specific IKE packets during NAT-T operations...

8.1CVSS5.8AI score0.02139EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 a.m.11 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

6.4AI score0.00565EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.18 views

PT-2026-43271

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An out-of-bounds read exists in the NetFlow v9 options template parser. In the process netflow v9 options template function, the scope parsing loop iterates until scopes offset...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.19 views

PT-2026-43236

Name of the Vulnerable Software and Affected Versions Security Gateway affected versions not specified Description The Security Gateway fails to correctly validate a length value in specific IKE packets when NAT-T NAT Traversal, a method allowing VPN traffic to pass through NAT devices is used vi...

8.1CVSS6AI score0.02139EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libpcap

The sf-pcapng.c file in libpcap before version 1.9.1 does not properly validate the PHB header length before allocating memory...

5.3CVSS6.2AI score0.02834EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Netty

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high-performance protocol servers and clients. In Netty io.netty:netty-codec-http2 before version 4.1.61.Final, there is a vulnerability that allows for request smuggling. This...

5.9CVSS6.5AI score0.04935EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the ofmodalias function, we can pass the str and len parameters. This could lead to a kernel oops in vsnprintf, as the function only allows passing a NULL pointer when the length is also 0. Additionally, we need to filter out...

5.3CVSS5.8AI score0.00787EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/20 12:0 a.m.10 views

FreeBSD Security Advisory - FreeBSD-SA-26:18.setcred

FreeBSD Security Advisory - The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the...

7.8CVSS6AI score0.00409EPSS
Exploits1
CheckPoint Security
CheckPoint Security
added 2026/05/20 12:0 a.m.22 views

CVE-2026-48132 - VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP

Symptoms - The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption o...

8.1CVSS5.4AI score0.02139EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/19 6:19 p.m.34 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

7.8CVSS7.9AI score0.00773EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.18 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

7.8CVSS7.9AI score0.00773EPSS
Exploits0References6
OSV
OSV
added 2026/05/19 12:0 a.m.23 views

ALSA-2026:19010 Important: postgresql16 security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

8.8CVSS6.2AI score0.01208EPSS
Exploits3References10
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.17 views

PT-2026-41681

OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enet encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item count value that is not consistently...

5.8AI score0.00114EPSS
Exploits0References3
OSV
OSV
added 2026/05/16 2:38 p.m.8 views

CLSA-2026-1778934210 Fix of 7 CVEs

SECURITY UPDATE: off-by-one OOB read in modproxyajp message getters - debian/patches/CVE-2026-33857.patch: tighten length checks msg-len - = msg-len in ajpmsggetuint8/16/32 and ajpmsgpeekuint8/16 in modules/proxy/ajpmsg.c. - CVE-2026-33857 SECURITY UPDATE: heap over-read in modproxyajp via missin...

8.8CVSS5.9AI score0.00654EPSS
Exploits2References1
NVD
NVD
added 2026/05/15 6:16 a.m.36 views

CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS0.00408EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/15 5:15 a.m.23 views

CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS6AI score0.00408EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.16 views

PT-2026-41267

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, the smb inherit dacl function fails to verify that the variable-length Security Identifier SID described by sid.num subauth is fully contained within the Access...

8.8CVSS6AI score0.00542EPSS
Exploits1References56
Rows per page
Query Builder