591 matches found
Lakeside SysTrack Agent 代码问题漏洞
Lakeside SysTrack Agent is a proxy component developed by Lakeside Corporation in the United States, used for collecting performance data from terminal devices and user experience metrics. There is a code vulnerability in Lakeside SysTrack Agent, which stems from an out-of-bounds read in the...
CVE-2026-45859
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...
PT-2026-43726
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A regression in the netfilter nfnetlink queue component causes UDP packets to be dropped instead of queued. This occurs when an application has not set the F GSO capability flag and a...
CentOS 9 : kernel-5.14.0-708.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-708.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks...
corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet
A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...
CVE-2026-48132
The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...
CVE-2026-9395
A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...
SUSE-SU-2026:2071-1 Security update for samba
This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. - CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. - CVE-2026-4480: Unauthenticated...
PT-2026-43271
Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An out-of-bounds read exists in the NetFlow v9 options template parser. In the process netflow v9 options template function, the scope parsing loop iterates until scopes offset...
CVE-2026-48684
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...
CVE-2026-9395 Besen BS20 EV Charging Station BLE/UDP insufficiently protected credentials
A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...
CVE-2026-9395
The CVE-2026-9395 entry describes a vulnerability in Besen BS20 EV Charging Station (firmware cutoff 20260426) affecting an unspecified function of the BLE/UDP component. The issue is described as leading to insufficiently protected credentials, with the attack requiring access from the local net...
Besen BS20 EV Charging Station 安全漏洞
The Besen BS20 EV Charging Station is an AC electric vehicle wall-mounted charging station developed by the Chinese company Besen. The Besen BS20 EV Charging Station, including versions dated before April 2026, contains security vulnerabilities. These vulnerabilities stem from improper operation ...
Advisory ROSA-SA-2026-3293
CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of Linux kernels. A logical error occurs when transitioning a TCP socket to the espintcp mode after writing file data to the receive queue. The kernel processes file pages...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: UDP: The auto-bound connected sockets’ hash values are unhashed when they are disconnected from the network. Suppose we bind an UDP socket to a wildcard address with a non-zero port, then connect it to a specific address, and lat...
Astra Linux – Vulnerability in c-ares
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service attacks. When a target resolver sends a query, the attacker creates a malformed UDP packet with a length of 0 and sends it back to the target resolver. The target resolver misinterprets this 0-length field as an...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - UDP: Fixed a race condition between close and udpabort. - Kaustubh reported and diagnosed a panic condition in udpliblookup. The root cause is that udpabort is racing with close. Both functions attempt to acquire the socket...
Astra Linux – Vulnerability in Memcached
Memcached 1.6.7 allows a Denial of Service attack through multi-packet uploads in UDP...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Check the bearer type before calling tipcudpnlbeareradd syzbot reported the following general protection fault 1: General protection fault, likely for non-canonical address 0xdffffc0000000010: 0000 1 PREEMPT SMP KASAN...
Astra Linux – Vulnerability in dnsmasq
A issue was discovered in Dnsmasq before version 2.90. The default maximum EDNS.0 UDP packet size was set to 4096, but it should be 1232 due to DNS Flag Day 2020...