Lucene search
+L

14871 matches found

CVE
CVE
added 2026/06/10 6:9 p.m.35 views

CVE-2026-10740

CVE-2026-10740 affects s2n-quic prior to version 1.8.2, where an unbounded memory allocation in the CRYPTO frame reassembler can allow an unauthenticated remote actor to trigger a denial of service (degraded availability) by sending crafted QUIC Initial packets. The vulnerability is triggered dur...

6.9CVSS5.5AI score0.00291EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 6:9 p.m.10 views

CVE-2026-10740 Excessive memory allocation in s2n-quic

Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service degraded availability by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2...

6.9CVSS5.5AI score0.00291EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 6:9 p.m.31 views

CVE-2026-10740 Excessive memory allocation in s2n-quic

Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service degraded availability by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2...

6.9CVSS0.00291EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/10 5:44 p.m.16 views

kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()

A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...

9.8CVSS6AI score0.00311EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/06/10 7:39 a.m.8 views

Security update for mariadb

This update for mariadb fixes the following issues: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. CVE-2026-35549: SHA2 auth plugin crash on large packets bsc1261413. CVE-2026-44168: wsrep SST unsafe parameter...

9.4CVSS7.1AI score0.00998EPSS
Exploits1References48
Cvelist
Cvelist
added 2026/06/10 6:16 a.m.43 views

CVE-2026-29116

A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...

8.7CVSS0.00395EPSS
Exploits3References1
Cvelist
Cvelist
added 2026/06/10 6:8 a.m.41 views

CVE-2026-29115

A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...

6.9CVSS0.00362EPSS
Exploits2References1
OSV
OSV
added 2026/06/10 12:39 a.m.13 views

MGASA-2026-0183 Updated freeciv packages fix security vulnerabilities

CVE-2026-33250, freeciv crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player's machine...

7.5CVSS5.5AI score0.00821EPSS
Exploits0References3
Mageia
Mageia
added 2026/06/10 12:39 a.m.13 views

Updated freeciv packages fix security vulnerabilities

CVE-2026-33250, freeciv crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player's machine...

7.5CVSS5.6AI score0.00821EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.21 views

Palo Alto Networks PAN-OS 代码问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There is a code vulnerability in Palo Alto Networks PAN-OS, which stems from memory corruption during tunnel traffic processing. This vulnerability could allow authenticated users to initiat...

6.9CVSS5.5AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

Russh 安全漏洞

Russh is a Rust SSH client and server library developed by Eugene as a personal project. Versions of Russh from 0.34.0 to 0.61.1 contained security vulnerabilities. These vulnerabilities stemmed from the acceptance of overly large compressed data packets when SSH compression was enabled, which...

7.5CVSS5.4AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.21 views

TDengine 数字错误漏洞

TDengine is an open-source, high-performance, cloud-native time series database developed by the TDengine company. There are digital error vulnerabilities in the TDengine 3.4.0.0 to 3.4.1.5 version. These vulnerabilities stem from unverified remote attackers sending specially crafted RPC packets,...

7.5CVSS5.4AI score0.00539EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.19 views

s2n-quic 安全漏洞

s2n-quic is a high-performance QUIC protocol implementation library open source by Amazon Web Services. Versions of s2n-quic prior to 1.8.2 contained security vulnerabilities. These vulnerabilities stemmed from unbounded memory allocation in theCRYPTO frame reassembler, which could allow...

6.9CVSS5.4AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

Dahua多款产品 安全漏洞

Dahua SD, among others, are products of China’s Dahua Corporation. Dahua SD is a series of cloud-based tabletop cameras. Dahua NVR is a series of network video recorders. Dahua XVR is a series of devices capable of recording and displaying high-definition and IP cameras. Several Dahua products ha...

8.7CVSS5.5AI score0.00395EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48517

Name of the Vulnerable Software and Affected Versions s2n-quic versions prior to 1.8.2 Description Unbounded memory allocation in the CRYPTO frame reassembler allows an unauthenticated remote actor to cause a denial of service, resulting in degraded availability, by sending crafted QUIC Initial...

6.9CVSS5.3AI score0.00291EPSS
Exploits0References5
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/09 12:0 a.m.12 views

Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability

Arista Extensible Operating System EOS contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP...

6.9CVSS5.4AI score0.00836EPSS
In wildExploits1
Vulnrichment
Vulnrichment
added 2026/06/08 7:29 p.m.12 views

CVE-2026-35058

Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows authenticated attackers to trigger a fatal assertion and cause a denial of service via a specially crafted packet...

6.9CVSS5.4AI score0.00317EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 3:27 p.m.10 views

SUSE-SU-2026:2303-1 Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References23
NVD
NVD
added 2026/06/08 9:16 a.m.21 views

CVE-2026-3238

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

7.5CVSS0.02669EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/08 7:34 a.m.7 views

CVE-2026-3238

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

7.5CVSS5.4AI score0.02669EPSS
Exploits0References4
Rows per page
Query Builder