
24001 matches found

EUVD
added 2026/04/30 7:36 p.m., 5 views

EUVD-2026-26413

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

CVSS: 2.3, AI score: 6, EPSS: 0.00287
Exploits: 0, References: 1

OSV
added 2026/04/30 8:56 a.m., 7 views

CLSA-2026-1777539404 squid34: Fix of 12 CVEs

- CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing
- CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions
- CVE-2018-19131: escape certificate field injection via %D in ERRSECURECONNECTFAIL page
- CVE-2018-19132: fix memory...

CVSS: 9.8, AI score: 6.7, EPSS: 0.74477
Exploits: 2, References: 1

NVD
added 2026/04/30 8:16 a.m., 6 views

CVE-2026-7164

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent...

CVSS: 7.5, EPSS: 0.00432
Exploits: 0, References: 1

Cvelist
added 2026/04/30 7:23 a.m., 35 views

CVE-2026-7164 pf can overflow the stack parsing crafted SCTP packets

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent...

EPSS: 0.00432
Exploits: 0, References: 1

Vulnrichment
added 2026/04/30 7:23 a.m., 4 views

CVE-2026-7164 pf can overflow the stack parsing crafted SCTP packets

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent...

AI score: 5.3, EPSS: 0.00432
Exploits: 0, References: 1

CVE
added 2026/04/30 7:23 a.m., 43 views

CVE-2026-7164

CVE-2026-7164 affects FreeBSD pf: incorrect SCTP packet validation allows unbounded recursion, leading to a stack overflow and system panic when pf processes SCTP traffic. Affected: all supported FreeBSD versions where pf handles traffic with SCTP parameters. Impact: remote attackers can cause pa...

CVSS: 7.5, AI score: 5.3, EPSS: 0.00432
Exploits: 0, References: 1, Affected Software: 1

ATTACKERKB
added 2026/04/30 7:23 a.m., 2 views

CVE-2026-7164

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent...

AI score: 5.3, EPSS: 0.00432
Exploits: 0, References: 2

RedhatCVE
added 2026/04/30 6:59 a.m., 11 views

CVE-2026-7375

A flaw was found in Wireshark. A remote attacker could exploit an infinite loop in the UDS (Unix Domain Socket) protocol dissector by crafting a malicious network packet. This could lead to a denial of service (DoS), making the Wireshark application unresponsive and unavailable to users...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00193
Exploits: 1, References: 5

EUVD
added 2026/04/30 5:36 a.m., 7 views

EUVD-2026-26340

Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVSS: 5.5, AI score: 5.2, EPSS: 0.00146
Exploits: 1, References: 2

CNNVD
added 2026/04/30 12:0 a.m., 9 views

FreeBSD security vulnerability

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities stem from incorrect packet validation, which leads to infinite recursion when parsing SCTP block parameters. This can result in stack overflows and crashes...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00432
Exploits: 0, References: 1

Positive Technologies
added 2026/04/30 12:0 a.m., 8 views

PT-2026-36174

Name of the Vulnerable Software and Affected Versions: Secure Access MacOS client versions prior to 14.50. Description: An out of bounds read occurs when attackers controlling a modified server send a malformed packet to the client, resulting in a denial of service. Recommendations: Update to version...

CVSS: 2.3, AI score: 5.8, EPSS: 0.00156
Exploits: 0, References: 5

CNNVD
added 2026/04/30 12:0 a.m., 7 views

Wireshark security vulnerability

Wireshark is a set of network packet analysis software developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

CVSS: 5.5, AI score: 5.8, EPSS: 0.0016
Exploits: 1, References: 1

CNNVD
added 2026/04/30 12:0 a.m., 10 views

Wireshark security vulnerability

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00125
Exploits: 1, References: 1

Tenable Nessus
added 2026/04/30 12:0 a.m., 7 views

FreeBSD : FreeBSD -- pf can overflow the stack parsing crafted SCTP packets (225ba563-4435-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 225ba563-4435-11f1-bb07-bc241121aa0a advisory. Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can...

CVSS: 7.5, AI score: 5.9, EPSS: 0.00432
Exploits: 0, References: 2

NVD
added 2026/04/29 7:16 p.m., 5 views

CVE-2026-7424

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...

CVSS: 8.1, EPSS: 0.00223
Exploits: 0, References: 4

Cvelist
added 2026/04/29 6:35 p.m., 29 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

CVSS: 7.1, EPSS: 0.00177
Exploits: 0, References: 4

CVE
added 2026/04/29 6:35 p.m., 11 views

CVE-2026-7422

CVE-2026-7422 affects FreeRTOS-Plus-TCP; insufficient packet validation in IPv4/IPv6 processing (before V4.2.6 and V4.4.1) allows an adjacent attacker to bypass checksum and minimum-size checks by spoofing the Ethernet source MAC to a local endpoint, since loopback-detection skips validation for ...

CVSS: 7.1, AI score: 5.3, EPSS: 0.00177
Exploits: 0, References: 4, Affected Software: 1

Vulnrichment
added 2026/04/29 6:35 p.m., 5 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

CVSS: 7.1, AI score: 5.3, EPSS: 0.00177
Exploits: 0, References: 4

RedHat Linux
added 2026/04/29 12:45 p.m., 8 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

CVSS: 8.6, AI score: 5.3, EPSS: 0.00868
Exploits: 0, References: 4

RedHat Linux
added 2026/04/29 12:44 p.m., 5 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length (iptotlen for IPv4, ip6plen for IPv6) without validating it against the actual packet buffer size...

CVSS: 6.5, AI score: 5.5, EPSS: 0.00629
Exploits: 0, References: 4