Lucene search
K

381852 matches found

RedHat Linux
RedHat Linux
added 2026/06/24 4:13 a.m.4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.8AI score0.00563EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 3:34 a.m.15 views

CVE-2026-12848

The CVE-2026-12848 entry refers to GV-I/O Box 4E, a device exposing DVRSearch over UDP (port 10001). Connected sources describe a concrete vulnerability in the DNS field handling: attacker-controlled input can trigger a stack overflow via copying g_network_config->dns_addr into a local reply_b...

10CVSS6.2AI score0.00427EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 3:34 a.m.7 views

EUVD-2026-38649

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:34 a.m.33 views

CVE-2026-12848 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00427EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 3:34 a.m.8 views

CVE-2026-12847

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score0.00427EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/24 3:34 a.m.33 views

CVE-2026-12847 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00427EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 3:34 a.m.8 views

EUVD-2026-38648

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score0.00427EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 3:34 a.m.12 views

CVE-2026-12847

GV-I/O Box 4E DVRSearch CMD_IP_SET buffer overflow vulnerabilities (CVE-2026-12847) affect GV-I/O Box 4E (version 2.09). The issues involve attacker-controlled fields (gateway, IP, net mask, DNS) in UDP-based DVRSearch handling on port 10001, leading to stack-based buffer overflows and potential ...

10CVSS6.2AI score0.00427EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 3:34 a.m.7 views

EUVD-2026-38647

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score0.00427EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 3:34 a.m.8 views

CVE-2026-12846

CVE-2026-12846 affects GV-I/O Box 4E (DVRSearch CMD_IP_SET buffer overflow). Connected sources confirm multiple attacker-controlled overflows in CMD_IP_SET (e.g., Net Mask field, IP field, Gateway, DNS) via UDP on port 10001, enabling arbitrary code execution on vulnerable versions (notably GV-I/...

10CVSS6.2AI score0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:34 a.m.32 views

CVE-2026-12846 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:34 a.m.32 views

CVE-2026-12485 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00436EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 3:34 a.m.9 views

EUVD-2026-38646

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score0.00436EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.12 views

CVE-2026-56406

A flaw was found in libexpat. An integer overflow vulnerability exists in the XMLParseBuffer function due to a missing check. This flaw could allow an attacker to cause memory corruption, potentially leading to arbitrary code execution, information disclosure, or a denial of service. Mitigation...

6.9CVSS5.9AI score0.00102EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.8 views

CVE-2026-56115

A flaw was found in dhcpcd. This vulnerability allows an unauthenticated attacker on the same network link to trigger a one-byte stack out-of-bounds write. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can corrupt adjacent stack memory. This can le...

8.8CVSS5.8AI score0.00307EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.11 views

CVE-2026-56114

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link could exploit a one-byte stack out-of-bounds write vulnerability in the dhcp6makemessage function. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can write beyond a...

6.5CVSS5.7AI score0.00175EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/06/24 12:0 a.m.5 views

nginx:1.26 security update

1.26.3-9.0.1 - Require oracle-indexhtml 2:1.26.3-9 - Resolves: RHEL-176218 - nginx:1.26/nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 2:1.26.3-8 - CVE-2026-32647 nginx:1.26/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files 2:1.26.3-7 -...

9.2CVSS6.5AI score0.61469EPSS
Exploits40
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51654

Name of the Vulnerable Software and Affected Versions GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default on UDP port 10001, contains a stack-based buffer overflow. The issue occurs when the server processes a UDP message and performs an unsafe...

10CVSS6.8AI score0.00436EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

Oracle Linux 9 : poppler (ELSA-2026-25058)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-25058 advisory. - Fix integer overflow in tilingPatternFill CVE-2026-10118 Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.8CVSS6AI score0.00252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

RHEL 8 : postgresql:12 (RHSA-2026:28999)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28999 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery vi...

8.8CVSS6AI score0.00668EPSS
Exploits0References6
Rows per page
Query Builder