Lucene search
+L

989 matches found

Vulnrichment
Vulnrichment
added 3 days ago3 views

CVE-2026-50307 Windows TCP/IP Elevation of Privilege Vulnerability

...

7CVSS6.1AI score0.00204EPSS
Exploits0References1
CVE
CVE
added 3 days ago5 views

CVE-2026-50306

CVE-2026-50306 is a Windows TCP/IP use-after-free vulnerability that allows an authorized, local attacker to elevate privileges. Affected component is the Windows TCP/IP stack; impact is local privilege escalation with high severity (CVSS 3.1: 7.8). Microsoft has released updates (KB5095051, KB50...

7.8CVSS6AI score0.00245EPSS
Exploits0References1Affected Software12
Vulnrichment
Vulnrichment
added 3 days ago3 views

CVE-2026-50306 Windows TCP/IP Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 4 days ago1 views

SUSE-SU-2026:2886-1 Security update for libslirp

This update for libslirp fixes the following issues: - CVE-2026-9539: TCP URG out of bounds heap read information leak bsc1268903...

6.5CVSS6.1AI score0.00106EPSS
Exploits0References3
Metasploit
Metasploit
added last week30 views

FTP Fetch, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week28 views

FTP Fetch, Bind IPv6 TCP Stager (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week22 views

FTP Fetch, Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support

Fetch and execute an x64 payload from an FTP server. Spawn a piped command shell Windows x64 staged. Listen for an IPv6 connection with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source:...

6.2AI score
Exploits0
CVE
CVE
added 2026/07/09 9:6 p.m.16 views

CVE-2026-57023

The CVE concerns Juniper Junos OS on MX Series with SPC3 and SRX Series where a TCP proxy plugin can crash the flowd daemon via a specifically malformed TCP header during a flow session (to support ALGs/Advanced Anti‑Malware/ICAP/UTM). This is caused by improper validation of a specified quantity...

8.7CVSS6AI score0.00461EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/09 12:0 a.m.34 views

CVE-2026-51606

An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 causes the device to abruptly terminate the TCP connection with a RST packet when a request containing an oversized field value is received, without returning any RFC 2326-compliant error response...

0.00324EPSS
Exploits0References1
OSV
OSV
added 2026/07/08 5:17 p.m.3 views

DEBIAN-CVE-2026-29008

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6.1AI score0.00446EPSS
Exploits0References1
NVD
NVD
added 2026/07/08 5:17 p.m.8 views

CVE-2026-29008

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS0.00446EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/08 4:14 p.m.5 views

EUVD-2026-42332

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6AI score0.00446EPSS
Exploits0References3
CVE
CVE
added 2026/07/08 4:14 p.m.12 views

CVE-2026-29008

U-Boot 2026.04-rc3 contains a vulnerability in tcp_rx_state_machine() (net/tcp.c) that can crash the bootloader via a malformed TCP SYN+ACK with manipulated data offset, causing payload_len to become negative. The negative value is implicitly converted to a large unsigned integer and passed to me...

8.7CVSS6AI score0.00446EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/08 4:11 p.m.5 views

EUVD-2026-42328

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...

6.9CVSS6AI score0.00472EPSS
Exploits0References3
CVE
CVE
added 2026/07/08 4:11 p.m.11 views

CVE-2026-29007

CVE-2026-29007 affects U-Boot (versions up to 2026.04-rc3) with CONFIG_PROT_TCP enabled. The issue is an out-of-bounds read in tcp_rx_state_machine() (net/tcp.c) triggered by a crafted IP packet whose total length and TCP data offset fields are mismatched, e.g., IP length 40 bytes and TCP header ...

6.9CVSS6AI score0.00472EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.7 views

PT-2026-56475

Name of the Vulnerable Software and Affected Versions U-Boot versions prior to 2026.04-rc3 Description An integer underflow exists in the tcp rx state machine function within net/tcp.c. A network-adjacent attacker can trigger this by sending a malformed TCP SYN+ACK packet with a manipulated data...

8.7CVSS6AI score0.00446EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 7:35 p.m.8 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6AI score0.00298EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/07 2:14 p.m.6 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/07 5:55 a.m.15 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 2:33 p.m.4 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
Rows per page
Query Builder