14 matches found
CVE-2026-31513
A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol component. A remote attacker can send a specially crafted Enhanced Credit Based Connection Request with an excessive number of Source Channel IDs SCIDs. This can cause a stack-out-of-bounds read wh...
CVE-2026-31513 Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2capecredconnreq Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerability...
PT-2026-34418
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap ecred conn req Syzbot reported a KASAN stack-out-of-bounds read in l2cap build cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerabili...
undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded
A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...
GHSA-5RQC-W93Q-589M
creationtimestamp| type| source ---|---|--- 2026-01-07 23:10:04+00:00| published-proof-of-concept| Telegram/2JvedLLs2h42jDOpZBWHAKvZnZL811K1YWZLSfKhihcdHY...
GHSA-C32M-27PJ-4XCJ
creationtimestamp| type| source ---|---|--- 2025-06-13 17:38:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18321 2025-06-13 18:01:53+00:00| published-proof-of-concept| Telegram/BdAJvjHyhFMVsKfZl02ptmuMNqjhviASPolesySVDo2DxO4...
GHSA-XR8X-PXM6-PRJG
creationtimestamp| type| source ---|---|--- 2025-04-01 19:32:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9990...
The validation of the source channel is performed incorrectly
Lines of code Vulnerability details Impact There is a potential risk of unauthorized sources sending assets to the Canto Network and automatically swapping transferred tokens for Canto tokens. Proof of Concept When bootstrapping Canto Network, node operators config channel ID for the onboarding...
PT-2022-10483 · Undertow · Undertow
Name of the Vulnerable Software and Affected Versions: Undertow versions prior to 2.0.35.SP1 Undertow versions prior to 2.0.36.SP1 Undertow versions prior to 2.0.39.Final Undertow versions prior to 2.2.6.SP1 Undertow versions prior to 2.2.7.SP1 Undertow versions prior to 2.2.9.Final Description: ...
undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability...
undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability...
undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability...
undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability...
Command Execution Vulnerability in Minicms
MiniCMS Content Management System is a popular software under Php Source Channel. A command execution vulnerability exists in Minicms, which can be exploited by an attacker to execute arbitrary commands...