Lucene search
K

226 matches found

Cvelist
Cvelist
added 2026/06/24 7:14 a.m.34 views

CVE-2026-52914 batman-adv: fix fragment reassembly length accounting

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly. That accounting currently allows the accumulated...

9.8CVSS0.00519EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RuggedCom Rox Heap-based Buffer Overflow (CVE-2022-2347)

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.2AI score0.00586EPSS
Exploits1References3
OSV
OSV
added 2026/06/14 5:10 p.m.4 views

CVE-2026-54410

nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recvmsgheader function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte receive buffer by sending a crafted MBAP frame whose Length fiel...

8.8CVSS6.2AI score0.00541EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

OpenTelemetry-Go 安全漏洞

OpenTelemetry-Go is an open-source developer toolkit developed by OpenTelemetry - CNCF. Versions 1.41.0 and 1.43.0 of OpenTelemetry-Go contain security vulnerabilities. These vulnerabilities stem from the removal of the original length field, allowing Parse to handle arbitrarily large headers,...

5.3CVSS5.3AI score0.00237EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/01 10:29 a.m.11 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper configuration of the LengthFieldBasedFrameDecoder value. An attacker can cause the application to exhaust JVM heap memory and disrupt service availability by sending...

8.7CVSS5.5AI score0.0058EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This issue was addressed in the plugin plugins/epan/wimax/msgdlmap.c by validating the length field...

7.5CVSS7.1AI score0.0281EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.14 views

Micro XRCE-DDS Agent 安全漏洞

Micro XRCE-DDS Agent is an eProsima open source proxy bridging tool for resource constrained devices to communicate with the DDS world. A security vulnerability exists in Micro XRCE-DDS Agent version 3.0.1, which stems from the MTU length field in specially crafted packets and could lead to a...

7.5CVSS5.8AI score0.00358EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.7 views

PT-2026-36524

Name of the Vulnerable Software and Affected Versions Eprosima Micro-XREC-DDS Agent version 3.0.1 Description A remote attacker can cause a denial of service by sending a crafted packet to the MTU length field. Recommendations At the moment, there is no information about a newer version that...

7.5CVSS5.8AI score0.00358EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.33 views

CVE-2025-63547

An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted packet to the MTU length field...

0.00358EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.14 views

Open-Vehicle-Monitoring-System-3 安全漏洞

Open-Vehicle-Monitoring-System-3 is an open source vehicle remote monitoring and diagnostic control system from Open Vehicles. A security vulnerability exists in Open-Vehicle-Monitoring-System-3 version 3.3.005, which stems from the length field of the GVRET binary data in canformatgvret.cpp not...

10CVSS6.2AI score0.00678EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 12:45 p.m.7 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.58 views

Linux Distros Unpatched Vulnerability : CVE-2026-31659

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: reject oversized global TT response buffers batadvttpreparetvlvglobaldata builds the allocation length for a global TT response in 16-bit temporarie...

9.8CVSS6.2AI score0.00399EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/24 7:19 p.m.7 views

CVE-2026-41429

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...

8.8CVSS5.6AI score0.00307EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/04/24 7:19 p.m.48 views

CVE-2026-41429

CVE-2026-41429 affects the arduino-esp32 core (ESP32/ESP32-S2/ESP32-S3/ESP32-C3/ESP32-C6/ESP32-H2). The issue is a memory corruption in NBNS packet handling when NetBIOS is enabled via NBNS.begin(...); the code path listens on UDP port 137 and processes untrusted NBNS requests. The request parser...

8.8CVSS5.6AI score0.00307EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/04/24 2:45 p.m.5 views

EUVD-2026-25552

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadvttpreparetvlvglobaldata builds the allocation length for a global TT response in 16-bit temporaries. When a remote originator advertises a large enough global TT, the ...

5.5AI score0.00399EPSS
Exploits0References8
NVD
NVD
added 2026/04/24 1:16 p.m.14 views

CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS0.00629EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/04/24 12:24 p.m.6 views

CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.1AI score0.00629EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/22 2:17 p.m.9 views

CVE-2026-6862

A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI Extensible Firmware Interface device path node header. A local user could exploit this...

5.5CVSS5.7AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.11 views

Red Hat Enterprise Linux 10 安全漏洞

Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. There is a security vulnerability in Red Hat Enterprise Linux 10. This vulnerability stems from the fact that the device path node resolver does not verify that the Length field ...

5.5CVSS5.8AI score0.00104EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/17 9:29 a.m.6 views

CVE-2026-40253

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References5
Rows per page
Query Builder