Lucene search
K

7001 matches found

EUVD
EUVD
added 2026/05/28 9:35 a.m.12 views

EUVD-2026-32760

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

5.7AI score0.00574EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.11 views

SUSE CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.9CVSS5.8AI score0.00115EPSS
Exploits0References16
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.43 views

CVE-2026-45859 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...

7.5CVSS0.00595EPSS
Exploits0References4
CVE
CVE
added 2026/05/27 12:15 p.m.38 views

CVE-2026-45859

The CVE-2026-45859 entry describes a Linux kernel netfilter nfnetlink_queue issue where a shared-unconfirmed nf_conn entry is not checked before segmentation, causing UDP packets to be dropped instead of queued when F_GSO is not set and a GSO packet arrives. The regression arose due to the check ...

7.5CVSS5.8AI score0.00595EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/27 11:16 a.m.16 views

CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.5CVSS0.00115EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 11:16 a.m.9 views

UBUNTU-CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

6.8CVSS5.7AI score0.00115EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 9:24 a.m.27 views

CVE-2026-45846

CVE-2026-45846 affects the Linux kernel bareudp code path. The vulnerability arises in bareudp_fill_metadata_dst(), which passes bareudp->sock to udp_tunnel6_dst_lookup() in the IPv6 path without a NULL check. If the bareudp device is down (socket not created or already NULLed in bareudp_stop)...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:24 a.m.11 views

CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.7AI score0.00115EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43726

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A regression in the netfilter nfnetlink queue component causes UDP packets to be dropped instead of queued. This occurs when an application has not set the F GSO capability flag and a...

7.5CVSS5.4AI score0.00595EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43680

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the bareudp fill metadata dst function. The function passes bareudp-sock to udp tunnel6 dst lookup in the IPv6 path without performing a NULL check...

5.5CVSS5.9AI score0.00115EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/05/26 12:36 p.m.19 views

Security update for samba

This update for samba fixes the following issues Security issues: CVE-2026-1933: Missing access check on reparse point operations bsc1261188. CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3012: group policy certificate enrollment uses http: // without validatio...

10CVSS5.9AI score0.12797EPSS
Exploits9References30
OSV
OSV
added 2026/05/26 12:35 p.m.6 views

SUSE-SU-2026:2074-1 Security update for samba

This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without validation bsc1261159. - CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server...

9.8CVSS5.8AI score0.12797EPSS
Exploits9References11
SUSE Linux
SUSE Linux
added 2026/05/26 12:35 p.m.24 views

Security update for samba

This update for samba fixes the following issues CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3012: group policy certificate enrollment uses http: // without validation bsc1261159. CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160...

10CVSS5.8AI score0.12797EPSS
Exploits9References20
EUVD
EUVD
added 2026/05/26 12:0 a.m.12 views

EUVD-2026-31840

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/26 12:0 a.m.9 views

CVE-2026-48684

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

6.5CVSS5.8AI score0.00264EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.15 views

PT-2026-43236

Name of the Vulnerable Software and Affected Versions Security Gateway affected versions not specified Description The Security Gateway fails to correctly validate a length value in specific IKE packets when NAT-T NAT Traversal, a method allowing VPN traffic to pass through NAT devices is used vi...

8.1CVSS6AI score0.02139EPSS
Exploits0References4
CVE
CVE
added 2026/05/26 12:0 a.m.25 views

CVE-2026-48684

CVE-2026-48684 affects FastNetMon Community Edition up to 1.2.9. The NetFlow v9 options-template parser has an out-of-bounds read in process_netflow_v9_options_template(), where the scope parsing loop and the options-field loop can read past the UDP packet buffer due to attacker-controlled option...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.14 views

Alibaba Cloud Linux 3 : 0130: corosync (ALINUX3-SA-2026:0130)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0130 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-35091: A flaw was found in...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References3
Rosalinux
Rosalinux
added 2026/05/22 8:59 a.m.17 views

Advisory ROSA-SA-2026-3292

CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of Linux kernels. A logical error occurs when transitioning a TCP socket to the espintcp mode after writing file data to the receive queue. The kernel processes file pages...

8.8CVSS6.1AI score0.93235EPSS
Exploits45
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.11 views

F5 Networks BIG-IP : BIG-IP DTLS vulnerability (K000160901)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000160901 advisory. When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server,...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References2
Rows per page
Query Builder