Lucene search
+L

1423 matches found

Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48517

Name of the Vulnerable Software and Affected Versions s2n-quic versions prior to 1.8.2 Description Unbounded memory allocation in the CRYPTO frame reassembler allows an unauthenticated remote actor to cause a denial of service, resulting in degraded availability, by sending crafted QUIC Initial...

6.9CVSS5.3AI score0.00291EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.17 views

RHEL 9 : samba (RHSA-2026:25049)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25049 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

9.8CVSS6.1AI score0.12797EPSS
Exploits10References15
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2026-42764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation...

7.5CVSS7AI score0.00684EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.166 views

Linux Distros Unpatched Vulnerability : CVE-2026-34183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A...

7.5CVSS7AI score0.00511EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/09 6:33 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the QUIC stack, when flooded with PATHCHALLENGE frames. A malicious remote peer can exhaust heap memory and terminate a QUIC client or server. Remediation Upgrade openssl to versio...

8.7CVSS7.1AI score0.00511EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.13 views

EUVD-2026-35481

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS5.5AI score0.00684EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/09 6:30 p.m.12 views

EUVD-2026-35479

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

5.5AI score0.00511EPSS
Exploits0References6
NVD
NVD
added 2026/06/09 5:17 p.m.12 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS0.00684EPSS
Exploits0References4
NVD
NVD
added 2026/06/09 5:17 p.m.22 views

CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

7.5CVSS0.00511EPSS
Exploits0References5
OSV
OSV
added 2026/06/09 5:14 p.m.15 views

USN-8414-1 openssl vulnerabilities

Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or obtain sensitive information. CVE-2026-34180 Pavol Zacik and Alex Gaynor discovered that OpenSSL...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References16
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.11 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS5.5AI score0.00684EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/09 4:3 p.m.15 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS5.5AI score0.00684EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.37 views

CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

0.00684EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 4:3 p.m.2 views

CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS7.1AI score0.00684EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.10 views

CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

5.5AI score0.00684EPSS
Exploits0References4
CVE
CVE
added 2026/06/09 4:3 p.m.51 views

CVE-2026-42764

In OpenSSL’s QUIC server implementation, receiving a QUIC initial packet with an invalid or expired token can trigger a NULL pointer dereference, potentially crashing the server and causing a Denial of Service. The issue occurs when address validation is disabled, specifically when SSL_LISTENER_F...

7.5CVSS5.5AI score0.00684EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.16 views

CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

7.5CVSS5.5AI score0.00511EPSS
Exploits0
OSV
OSV
added 2026/06/09 4:3 p.m.3 views

CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

7.5CVSS7.1AI score0.00511EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.8 views

CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

5.5AI score0.00511EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/09 4:3 p.m.10 views

CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

7.5CVSS5.5AI score0.00511EPSS
Exploits0
Rows per page
Query Builder