CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

195 matches found

SUSE CVE-2026-10650

A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lwssshparseplaintext of the file plugins/protocollwssshbase/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msglen can lead to resource consumption. The attack may be...

6.9CVSS5.7AI score0.00055EPSS

Exploits0References3

EUVD•added 2 days ago•6 views

EUVD-2026-34034

6.9CVSS5.4AI score0.00055EPSS

Exploits0References9

Debian CVE•added 3 days ago•3 views

CVE-2026-10650

6.9CVSS5.4AI score0.00055EPSS

Exploits0

ATTACKERKB•added 3 days ago•5 views

CVE-2026-10650

6.9CVSS5.7AI score0.00055EPSS

Exploits0References7Affected Software1

Cvelist•added 3 days ago•25 views

CVE-2026-10650 warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption

6.9CVSS0.00055EPSS

Exploits0References8

Positive Technologies•added 3 days ago•7 views

PT-2026-45865

Name of the Vulnerable Software and Affected Versions warmcat libwebsockets versions prior to 4.5.9 Description A flaw in the SSH Protocol Handler component allows for remote resource consumption. The issue exists within the lws ssh parse plaintext function located in the plugins/protocol lws ssh...

6.9CVSS6.1AI score0.00055EPSS

Exploits0References10

RedHat Linux•added 2026/05/26 6:51 a.m.•6 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.00082EPSS

Exploits0References4

RedHat Linux•added 2026/05/26 6:40 a.m.•6 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

7.5CVSS6.1AI score0.00082EPSS

Exploits0References4

UbuntuCve•added 2026/05/21 1:16 p.m.•10 views

CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

8.8CVSS5.9AI score0.00021EPSS

Exploits0References7

Cvelist•added 2026/05/21 12:12 p.m.•33 views

CVE-2026-43495 net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler

8.8CVSS0.00021EPSS

Exploits0References5

ATTACKERKB•added 2026/05/21 12:12 p.m.•7 views

CVE-2026-43495

5.8AI score0.00021EPSS

Exploits0References6Affected Software1

CVE•added 2026/05/21 12:12 p.m.•8 views

CVE-2026-43495

CVE-2026-43495 concerns the Linux kernel net/wwan/t7xx subsystem. The issue arises in t7xx_port_enum_msg_handler, which uses a modem-provided port_count to loop over port_msg->data[] without ensuring the message buffer is long enough, enabling a potential slab-out-of-bounds read when port_coun...

8.8CVSS5.9AI score0.00021EPSS

Exploits0References5

Positive Technologies•added 2026/05/21 12:0 a.m.•4 views

PT-2026-42452

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the t7xx port enum msg handler function where the modem-supplied port count field is used as a loop bound over port msg-data without verifying if the message buffer...

8.8CVSS5.9AI score0.00021EPSS

Exploits0References28

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msglen to CECMAXMSGSIZE I expect that the hardware will have limited this value to 16, but just in case it isn’t the case, check for this corner case...

5.5CVSS6.2AI score0.0002EPSS

Exploits0References2

EUVD•added 2026/05/06 12:30 p.m.•3 views

EUVD-2026-27688

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

6.1AI score0.00057EPSS

Exploits0References5

CVE•added 2026/05/06 11:27 a.m.•7 views

CVE-2026-43125

CVE-2026-43125 affects the Linux kernel dlm module. The vulnerability stems from unvalidated length in dlm_dump_rsb_name() coming from network messages, allowing an out-of-bounds write in dlm_search_rsb_tree() when the length exceeds DLM_RESNAME_MAXLEN. This could enable denial of service and, in...

9.8CVSS6.1AI score0.00057EPSS

Exploits0References4Affected Software1