Lucene search
K

1528 matches found

Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.9 views

Parser-Free Querying of Security Logs

Security analysts routinely query system logs to detect threats and investigate incidents, but each log source uses its own semi-structured format: logs are cheap to produce, but expensive to use. The standard approach, building per-source parsers to normalize logs into structured schemas, is...

5.9AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in curl

There is an improper authentication vulnerability in curl versions 7.33.0 through and including 7.82.0. This vulnerability may allow for the reuse of OAUTH2-authenticated connections without ensuring that the connection was authentically verified with the same credentials used for this transfer...

8.1CVSS6.5AI score0.01914EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Samba

A vulnerability related to information leaks was discovered in Samba’s LDAP server. Due to missing access control checks, a authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...

4.3CVSS6.2AI score0.01168EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/05/19 10:37 a.m.10 views

CVE-2026-8836

A flaw was found in lwIP. A remote attacker can exploit a stack-based buffer overflow vulnerability in the snmpparseinboundframe function within the SNMPv3 User-based Security Model USM Handler. By manipulating specific authentication parameters, an attacker could potentially achieve arbitrary co...

10CVSS6.3AI score0.01016EPSS
Exploits1References2
OSV
OSV
added 2026/05/18 7:16 p.m.6 views

UBUNTU-CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

9.8CVSS6.1AI score0.01016EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2026/05/18 6:45 p.m.10 views

CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

10CVSS7.7AI score0.01016EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/05/18 6:45 p.m.11 views

CVE-2026-8836 lwIP snmpv3 USM snmp_msg.c snmp_parse_inbound_frame stack-based overflow

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

10CVSS7.7AI score0.01016EPSS
Exploits1References6
CVE
CVE
added 2026/05/18 6:45 p.m.48 views

CVE-2026-8836

Summary: lwIP up to 2.2.1 contains a vulnerability in the SNMPv3 USM handler. The issue is in the function snmp_parse_inbound_frame (file: src/apps/snmp/snmp_msg.c) where manipulating msgAuthenticationParameters can cause a stack-based buffer overflow. The attack is potentially remote. A patch is...

10CVSS7.7AI score0.01016EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.13 views

PT-2026-41721

Name of the Vulnerable Software and Affected Versions lwIP versions prior to 2.2.2 Description A stack-based buffer overflow exists in the snmpv3 USM Handler component. A remote attacker can trigger this issue by manipulating the msgAuthenticationParameters argument within the snmp parse inbound...

10CVSS7.7AI score0.01016EPSS
Exploits1References19
Packet Storm News
Packet Storm News
added 2026/05/17 12:0 a.m.58 views

LITE-SOC: Lightweight Security Operations Center Simulator for Cybersecurity Education

This innovative practice WIP paper describes LITE-SOC, a lightweight web-based Security Operations Center SOC simulator designed for instructor-led cybersecurity education. SOC analysts must triage large volumes of alerts, separate genuine threats from false positives, and communicate decisions...

5.8AI score
Exploits0
CVE
CVE
added 2026/05/15 7:59 p.m.30 views

CVE-2026-44551

Open WebUI vulnerability CVE-2026-44551: before version 0.9.0, the LDAP authentication endpoint does not validate non-empty passwords, allowing an unauthenticated Simple Bind on many LDAP servers. The LdapForm model accepts password: str without a minimum length, so an empty string can reach the ...

9.1CVSS5.8AI score0.01461EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.9 views

CVE-2026-34339

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.10 views

EUVD-2026-29966

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7CVSS5.8AI score0.003EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.17 views

Empowering IoT Security: On-Device Intrusion Detection in Resource Constrained Devices

IoT devices particularly microcontrollers are challenged by their inherent limitations in processing capabilities, memory capacity, and energy conservation. Securing communication within IoT networks is further complicated by the heterogeneity of devices and the myriad of potential security...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.8 views

PT-2026-40640

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication,...

8.7CVSS5.8AI score0.003EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/12 4:59 p.m.14 views

CVE-2026-34339 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:59 p.m.71 views

CVE-2026-34339

Technical details about CVE-2026-34339 (Windows LDAP denial of service) are not publicly available in the provided connected documents. Monitor for updates from Microsoft/NVD for affected products, vectors, and fixes.

5.5CVSS5.8AI score0.00292EPSS
Exploits0References1Affected Software13
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40158

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References2
OSV
OSV
added 2026/05/08 5:43 a.m.6 views

BIT-JRE-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS6.7AI score0.02879EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-38721

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS5.8AI score0.02879EPSS
Exploits0References16
Rows per page
Query Builder