Lucene search
K

23997 matches found

ATTACKERKB
ATTACKERKB
โ€ขadded 2026/05/11 4:47 p.m.โ€ข7 views

CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

8.4CVSS6.2AI score0.00782EPSS
Exploits1References8
AlpineLinux
AlpineLinux
โ€ขadded 2026/05/11 4:47 p.m.โ€ข10 views

CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

8.8CVSS6.2AI score0.00782EPSS
Exploits1
Cvelist
Cvelist
โ€ขadded 2026/05/11 4:47 p.m.โ€ข48 views

CVE-2026-4892 CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

0.00782EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
โ€ขadded 2026/05/11 4:47 p.m.โ€ข6 views

CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

5.3CVSS5.8AI score0.05729EPSS
Exploits0References8
Vulnrichment
Vulnrichment
โ€ขadded 2026/05/11 4:47 p.m.โ€ข9 views

CVE-2026-4891 CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

5.8AI score0.05729EPSS
Exploits0References6
CVE
CVE
โ€ขadded 2026/05/11 4:47 p.m.โ€ข35 views

CVE-2026-4891

CVE-2026-4891 is a heap-based out-of-bounds read in dnsmasqโ€™s DNSSEC validation that enables remote DoS via a crafted DNS packet. Affected: dnsmasq; root cause: DNSSEC validation path leads to OOB read. Impact: denial of service with no confidentiality/integrity impact reported; exploitation deta...

7.5CVSS5.8AI score0.05729EPSS
Exploits0References12
Vulnrichment
Vulnrichment
โ€ขadded 2026/05/11 4:47 p.m.โ€ข9 views

CVE-2026-4890 CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

5.8AI score0.06662EPSS
Exploits0References6
CVE
CVE
โ€ขadded 2026/05/11 4:47 p.m.โ€ข49 views

CVE-2026-4890

Dnsmasq is affected by CVE-2026-4890, a DoS vulnerability in DNSSEC validation. The issue is described as an infinite-loop flaw in DNSSEC validation, which can cause the dnsmasq service to crash or become unresponsive when processing a crafted DNS response. Affected component: dnsmasqโ€™s DNSSEC va...

7.5CVSS5.8AI score0.06662EPSS
Exploits0References12
SUSE CVE
SUSE CVE
โ€ขadded 2026/05/11 2:14 p.m.โ€ข6 views

SUSE CVE-2026-43306

In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly enforces that indirect function calls use a function pointer type that matches the target function. I ran into the following type...

5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
โ€ขadded 2026/05/11 2:14 p.m.โ€ข12 views

SUSE CVE-2026-43333

In the Linux kernel, the following vulnerability has been resolved: bpf: reject direct access to nullable PTRTOBUF pointers checkmemaccess matches PTRTOBUF via basetype which strips PTRMAYBENULL, allowing direct dereference without a null check. Map iterator ctx-key and ctx-value are PTRTOBUF |...

5.6CVSS5.8AI score0.00123EPSS
Exploits0References13
UbuntuCve
UbuntuCve
โ€ขadded 2026/05/11 12:0 p.m.โ€ข10 views

CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

5.3CVSS5.8AI score0.05729EPSS
Exploits0References2
UbuntuCve
UbuntuCve
โ€ขadded 2026/05/11 12:0 p.m.โ€ข12 views

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References2
RedhatCVE
RedhatCVE
โ€ขadded 2026/05/11 11:46 a.m.โ€ข17 views

CVE-2026-43371

A flaw was found in the Linux kernel's macb driver. When the transmit function is disabled, the driver incorrectly resets the transmit queue pointers without properly handling packets already in the queue. This can lead to silent loss of queued packets, memory leaks, and potential race conditions...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
โ€ขadded 2026/05/11 9:30 a.m.โ€ข9 views

EUVD-2026-29037

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References4
NVD
NVD
โ€ขadded 2026/05/11 8:16 a.m.โ€ข40 views

CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS0.92766EPSS
Exploits20References9
ATTACKERKB
ATTACKERKB
โ€ขadded 2026/05/11 6:26 a.m.โ€ข5 views

CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References6Affected Software1
CVE
CVE
โ€ขadded 2026/05/11 6:26 a.m.โ€ข162 views

CVE-2026-43500

Summary: CVE-2026-43500 affects the Linux kernel RXRPC path for DATA/RESPONSE packets. The issue occurs when skb fragments are externally owned (e.g., via splice() or frag lists) and the code path decrypts in place, binding frag pages into the AEAD/skcipher SGL. The fix extends the gate to unshar...

7.8CVSS5.8AI score0.92766EPSS
In wildExploits20References9Affected Software1
Cvelist
Cvelist
โ€ขadded 2026/05/11 6:26 a.m.โ€ข43 views

CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS0.92766EPSS
Exploits20References5
Tenable Nessus
Tenable Nessus
โ€ขadded 2026/05/11 12:0 a.m.โ€ข7 views

Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017655 advisory. A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAPs slapd server, to trigger an assertion failure...

7.5CVSS5.7AI score0.02858EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
โ€ขadded 2026/05/11 12:0 a.m.โ€ข6 views

MiracleLinux 8 : corosync-3.1.8-1.el8_10.1 (AXSA:2026-593:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-593:02 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References3
Rows per page
Query Builder