1471 matches found
EUVD-2026-42645
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL fiel...
CVE-2026-10655
The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...
CVE-2026-10655
The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...
CVE-2026-10655
Concrete details found: Zephyr’s asynchronous SNTP client (sntp_close_async) can race with the socket service poll thread. Closing the UDP socket descriptor from a different thread (SNTP timeout path) may free and reuse net_context while the poll thread holds a poller node, causing a use-after-fr...
Linux Distros Unpatched Vulnerability : CVE-2026-53222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ptp: ocp: fix resource freeing order Commit a60fc3294a37 ptp: rework ptpclockunregister to disable events added a call to ptpdisableallevents which changes the...
CVE-2026-32833
CVE-2026-32833 affects Cudy LT300 3.0 firmware prior to 2.5.12. The vulnerability arises in the system time configuration interface, where an authenticated attacker can inject shell metacharacters into the cbid.system.ntp.current POST parameter via the NTP settings endpoint, enabling remote code ...
EUVD-2026-39862
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
CVE-2026-52971
A flaw was found in the Linux kernel's Elastic Network Adapter ENA driver, specifically within the Precision Time Protocol Hardware Clock PHC timestamp retrieval function. A race condition exists where the gettimestamp function could attempt to access memory that has already been freed by the...
CVE-2026-53222
In the Linux kernel, CVE-2026-53222 relates to the ptp: ocp driver. The root cause was use-after-free during driver removal caused by freeing resources in ptp_ocp_detach() before ptp_clock_unregister(), after a change that disables events via ptp_disable_all_events(). The fix changes the free/unr...
CVE-2026-53222
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix resource freeing order Commit a60fc3294a37 "ptp: rework ptpclockunregister to disable events" added a call to ptpdisableallevents which changes the configuration of pins if they support EXTTS events. In ptpocpdetach...
PT-2026-52317
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists during driver removal in the Precision Time Protocol PTP OCP implementation. The ptp ocp detach function frees pin resources before calling ptp clock...
CVE-2026-52971 net: ena: PHC: Fix potential use-after-free in get_timestamp
In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...
Astra Linux – Vulnerability in gst-plugins-good1.0
GStreamer rtpqdm2depay: Heap-based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac – ensure that ptprate is not set to 0 before configuring EST. If the value of ptprate, which was previously recorded in the driver, happens to be 0, this invalid value will be propagated up to the EST configuration,...
Oracle Linux 9 : kernel (ELSA-2026-19225)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19225 advisory. - xfrm: esp: avoid in-place decrypt on shared skb frags Sabrina Dubroca RHEL-174563 CVE-2026-43284 - crypto: authencesn - Do not place hiseq at end of...
OPENSUSE-SU-2026:21145-1 Security update for mbedtls-2
This update for mbedtls-2 fixes the following issues: Changes in mbedtls-2: - Enable SRTP and DTLS protocols needed by some software. - Update to version 2.28.10: Default behavior changes In TLS clients, if mbedtlssslsethostname has not been called, mbedtlssslhandshake now fails with...
EUVD-2026-37190
In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37213
In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2026-0165
In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2026-0156
In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...