Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2026/06/13 2:19 a.m.39 views

SUSE CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

5.3CVSS5.3AI score0.00684EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/13 12:3 a.m.12 views

openssl security update

An update is available for openssl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...

9.1CVSS5.9AI score0.02719EPSS
Exploits0
NVD
NVD
added 2026/06/12 3:16 p.m.11 views

CVE-2026-44894

Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken returns false server will not send Retry — acceptable, but validateToken...

7.5CVSS0.00143EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.10 views

RockyLinux 9 : openssl (RLSA-2026:25239)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25239 advisory. openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CVE-2026-7383 openssl: OpenSSL: Denial of Service due to...

9.1CVSS6.2AI score0.02719EPSS
Exploits0References31
RedHat Linux
RedHat Linux
added 2026/06/11 1:24 p.m.9 views

openssl: NULL pointer dereference in QUIC server initial packet handling

A flaw was found in the OpenSSL QUIC Quick UDP Internet Connections server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server's address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server...

7.5CVSS5.5AI score0.00684EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenSSL vulnerabilities (USN-8414-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8414-1 advisory. Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use...

9.1CVSS6.5AI score0.02719EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/06/10 1:31 p.m.9 views

CVE-2026-42764

A flaw was found in the OpenSSL QUIC Quick UDP Internet Connections server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server's address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server...

7.5CVSS5.5AI score0.00684EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35481

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS5.5AI score0.00684EPSS
Exploits0References5
NVD
NVD
added 2026/06/09 5:17 p.m.8 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS0.00684EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 5:14 p.m.10 views

USN-8414-1 openssl vulnerabilities

Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or obtain sensitive information. CVE-2026-34180 Pavol Zacik and Alex Gaynor discovered that OpenSSL...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References16
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.32 views

CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

0.00684EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.8 views

CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

5.5AI score0.00684EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.8 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS5.5AI score0.00684EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/09 4:3 p.m.7 views

CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

7.5CVSS5.5AI score0.00511EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.22 views

PT-2026-47834

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference occurs in the OpenSSL QUIC server when receiving a QUIC initial packet containing an invalid or expired token. This issue is triggered specifically when address...

7.5CVSS5.5AI score0.00684EPSS
Exploits0References104
Rows per page
Query Builder