Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

190 matches found

AlpineLinux
AlpineLinuxadded 2026/05/20 9:21 a.m.7 views

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS5.7AI score0.00068EPSS
Exploits0References1
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.2 views

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the Linux SCTP stack. A blind attacker may be able to terminate an existing SCTP connection by using invalid chunks, provided that the attacker knows the IP addresses and port numbers being used, and that the attacker can send packets with spoofed IP addresses...

6.5CVSS6.7AI score0.00164EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/21 12:31 a.m.2 views

EUVD-2026-13861

WebCTRL systems that communicate over BACnet inherit the protocol's lack of network layer authentication. WebCTRL does not implement additional validation of BACnet traffic so an attacker with network access could spoof BACnet packets directed at either the WebCTRL server or associated...

7.5CVSS5.8AI score0.00078EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/20 11:17 p.m.1 views

CVE-2026-32666

WebCTRL systems that communicate over BACnet inherit the protocol's lack of network layer authentication. WebCTRL does not implement additional validation of BACnet traffic so an attacker with network access could spoof BACnet packets directed at either the WebCTRL server or associated...

7.5CVSS5.8AI score0.00078EPSS
Exploits0References4
CVE
CVEadded 2026/03/20 11:14 p.m.5 views

CVE-2026-25086

CVE-2026-25086 affects Automated Logic WebCTRL Premium Server. Under certain conditions, an attacker could bind to the same port used by WebCTRL, enabling the crafting and sending of malicious packets and impersonation of the WebCTRL service without requiring code injection into WebCTRL. The prov...

7.7CVSS5.9AI score0.00022EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/20 12:0 a.m.2 views

PT-2026-26701

Name of the Vulnerable Software and Affected Versions WebCTRL affected versions not specified Description WebCTRL systems utilizing BACnet communication are susceptible to an issue stemming from the protocol's inherent lack of network layer authentication. The software does not perform additional...

7.5CVSS5.8AI score0.00078EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001484 advisory. A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the...

6.5CVSS6.5AI score0.00164EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/09 11:46 a.m.4 views

CVE-2010-0293

The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service memory consumption via spoofed 1 NTP or 2 cmdmon packets...

5CVSS6.9AI score0.01382EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/10 11:33 a.m.1 views

CVE-2025-40820

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...

8.7CVSS6.9AI score0.00104EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/09 6:30 p.m.1 views

EUVD-2025-201923

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...

8.7CVSS6.4AI score0.00104EPSS
Exploits0References2
NVD
NVDadded 2025/12/09 4:17 p.m.2 views

CVE-2025-40820

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...

8.7CVSS0.00104EPSS
Exploits0References1
CVE
CVEadded 2025/12/09 10:44 a.m.6 views

CVE-2025-40820

CVE-2025-40820 describes a vulnerability in Siemens’ IP stack (Interniche TCP/IP) affecting multiple Siemens products. The issue arises from improper enforcement of TCP sequence number validation, permitting an unauthenticated remote attacker to interfere with connection setup in TCP-based servic...

8.7CVSS6.5AI score0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/09 10:44 a.m.2 views

CVE-2025-40820

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...

8.7CVSS6.5AI score0.00104EPSS
Exploits0References1
ICS
ICSadded 2025/12/09 12:0 a.m.2 views

Siemens Interniche IP-Stack

SUMMARY Multiple Industrial products are affected by a vulnerability in the Interniche IP-Stack. The affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to...

8.7CVSS6.9AI score0.00104EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.2 views

PT-2025-49838

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...

8.7CVSS6.9AI score0.00104EPSS
Exploits0References1
FreeBSD
FreeBSDadded 2025/10/15 12:0 a.m.2 views

powerdns-recursor -- cache pollution

PowerDNS Team reports: It has been brought to our attention that the Recursor does not apply strict enough validation of received delegation information. The malicious delegation information can be sent by an attacker spoofing packets...

6.7AI score
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2003-1517

Malware in sbrugna...

4.3CVSS6.4AI score0.00925EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-5929

Malware in sbrugna...

5.9CVSS6.4AI score0.01749EPSS
Exploits0References36
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2002-2315

Malware in sbrugna...

5CVSS6.4AI score0.00594EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2013-1251

Malware in sbrugna...

5CVSS6.4AI score0.00353EPSS
Exploits0References2
Rows per page
Query Builder