Lucene search
+L

700 matches found

osv
osv
added 2026/05/01 8:34 p.m.39 views

EEF-CVE-2026-42786 WebSocket fragmented message reassembly unbounded in bandit

Summary Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in 'Elixir.Bandit.WebSocket.Connection':handle\frame/3 in lib/bandit/websocket/connection.ex appends eve...

8.7CVSS6.2AI score0.00549EPSS
Exploits0References4
nessus
nessus
added 2026/04/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References2
susecve
susecve
added 2026/04/23 1:25 a.m.9 views

SUSE CVE-2026-31517

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/04/22 8:15 p.m.8 views

CVE-2026-31517

A flaw was found in the Linux kernel's IP-TFS IP-Transparent Fragmentation Service subsystem. A remote attacker could send specially crafted network packets that, during the reassembly process, cause the kernel to attempt an invalid operation on a network buffer. This improper handling of network...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
euvd
euvd
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24901

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

5.7AI score0.00121EPSS
Exploits0References4
nvd
nvd
added 2026/04/22 2:16 p.m.6 views

CVE-2026-31517

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

5.5CVSS0.00121EPSS
Exploits0References3
cve
cve
added 2026/04/22 1:54 p.m.21 views

CVE-2026-31517

The CVE-2026-31517 vulnerability affects the Linux kernel’s IP-TFS (xfrm_iptfs) reassembly path. During datagram reassembly, an optimization can make newskb non-linear; if a subsequent fragment is appended via skb_put(), the code may trigger a SKB_LINEAR_ASSERT and crash (OOPS). The documented fi...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/04/22 1:54 p.m.34 views

CVE-2026-31517 xfrm: iptfs: fix skb_put() panic on non-linear skb during reassembly

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

0.00121EPSS
Exploits0References3
osv
osv
added 2026/04/22 1:54 p.m.2 views

CVE-2026-31517 xfrm: iptfs: fix skb_put() panic on non-linear skb during reassembly

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

5.5CVSS6AI score0.00121EPSS
Exploits0References6
nvd
nvd
added 2026/04/22 8:16 a.m.5 views

CVE-2026-6022

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

7.5CVSS0.00288EPSS
Exploits0References1
cvelist
cvelist
added 2026/04/22 7:7 a.m.30 views

CVE-2026-6022 Uncontrolled Resource Consumption Vulnerability in Telerik UI for ASP.NET AJAX

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

7.5CVSS0.00288EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/04/22 12:0 a.m.15 views

PT-2026-34265

Name of the Vulnerable Software and Affected Versions Telerik UI for AJAX versions prior to 2026.1.421 Description RadAsyncUpload contains an uncontrolled resource consumption issue. This occurs because of missing cumulative size enforcement during chunk reassembly, which allows file uploads to...

7.5CVSS5.8AI score0.00288EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/04/22 12:0 a.m.9 views

PT-2026-34422

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skb put panic on non-linear skb during reassembly In iptfs reassem cont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succee...

5.7AI score0.00121EPSS
Exploits0References4
cvelist
cvelist
added 2026/04/17 7:43 p.m.19 views

CVE-2026-32623 xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

7.7CVSS0.00544EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/17 7:43 p.m.10 views

CVE-2026-32623 xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

7.7CVSS6.1AI score0.00544EPSS
Exploits0References2
osv
osv
added 2026/04/17 7:43 p.m.2 views

CVE-2026-32623 xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

7.7CVSS7.4AI score0.00544EPSS
Exploits0References4
nessus
nessus
added 2026/04/17 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007263)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007263 advisory. In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass...

5.5CVSS6.5AI score0.0038EPSS
Exploits1References4
fedora
fedora
added 2026/03/26 2:31 a.m.6 views

[SECURITY] Fedora 44 Update: wireshark-4.6.4-2.fc44

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

7.5CVSS5.9AI score0.00184EPSS
Exploits3
fedora
fedora
added 2026/03/15 1:16 a.m.8 views

[SECURITY] Fedora 42 Update: wireshark-4.6.4-1.fc42

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

7.5CVSS5.8AI score0.00184EPSS
Exploits3
fedora
fedora
added 2026/03/15 12:57 a.m.9 views

[SECURITY] Fedora 43 Update: wireshark-4.6.4-1.fc43

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

7.5CVSS5.8AI score0.00184EPSS
Exploits3
Rows per page
Query Builder