Lucene search
K

23990 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 1:31 p.m.17 views

kernel: bpf: Do not include stack ptr register in precision backtracking bookkeeping

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

7.8CVSS6.3AI score0.00162EPSS
Exploits0References5
OSV
OSV
added 2026/05/19 8:21 a.m.4 views

SUSE-SU-2026:2001-1 Security update for postgresql16

This update for postgresql16 fixes the following issues Update to version 16.13. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References20
OSV
OSV
added 2026/05/19 8:19 a.m.8 views

SUSE-SU-2026:1999-1 Security update for postgresql15

This update for postgresql15 fixes the following issues Update to version 15.18. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References18
GithubExploit
GithubExploit
added 2026/05/19 2:12 a.m.76 views

MC-271325-DoS-PoC

Log amplification based denial for service for vanilla Minecra...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/19 2:12 a.m.95 views

MC-271325-PoC

Status trailing-byte log amplification MC-271325 Unauthenti...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/19 12:0 a.m.12 views

Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach

The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

SUSE SLED15 / SLES15 Security Update : postgresql17 (SUSE-SU-2026:1943-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1943-1 advisory. This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: -...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References33
Packet Storm News
Packet Storm News
added 2026/05/19 12:0 a.m.14 views

Impacket 0.13.1

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols e.g. SMB1-3 and MSRPC, the protocol implementation itself. Packets can be constructed from scratch, as well as parse...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.7 views

RHEL 9 : corosync (RHSA-2026:19200)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19200 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

8.2CVSS6AI score0.00994EPSS
Exploits2References7
NVD
NVD
added 2026/05/18 5:16 p.m.10 views

CVE-2026-38719

OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...

6.2CVSS0.00114EPSS
Exploits0References2
NVD
NVD
added 2026/05/18 4:16 p.m.18 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

7.5CVSS0.00278EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 3:48 p.m.5 views

Undefined Behavior for Input to API

Overview Affected versions of this package are vulnerable to Undefined Behavior for Input to API in the comparator function responsible for ordering Datagram Transport Layer Security DTLS packets by sequence numbers. An attacker can cause unstable packet ordering or undefined behavior by sending...

8.7CVSS5.8AI score0.01335EPSS
Exploits0References2
OSV
OSV
added 2026/05/18 1:16 p.m.6 views

ALPINE-CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References1
NVD
NVD
added 2026/05/18 1:16 p.m.20 views

CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS0.01335EPSS
Exploits0References17
Cvelist
Cvelist
added 2026/05/18 12:44 p.m.64 views

CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS0.01335EPSS
Exploits0References16
CVE
CVE
added 2026/05/18 12:44 p.m.32 views

CVE-2026-42009

CVE-2026-42009 affects the GnuTLS library, where DTLS packet reordering uses a comparator that mishandles duplicate sequence numbers. This can cause unstable DTLS packet ordering or undefined behavior, leading to a denial of service. The vulnerability is described consistently across NVD entries ...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References17Affected Software4
Vulnrichment
Vulnrichment
added 2026/05/18 12:44 p.m.12 views

CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References16
ATTACKERKB
ATTACKERKB
added 2026/05/18 12:44 p.m.10 views

CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/05/18 12:44 p.m.17 views

CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References3
OSV
OSV
added 2026/05/18 11:53 a.m.7 views

SUSE-SU-2026:1978-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

7.8CVSS5.9AI score0.03663EPSS
Exploits17References7
Rows per page
Query Builder