Lucene search
K

10 matches found

CVE
CVE
added last week16 views

CVE-2026-15163

CVE-2026-15163 affects Wireshark up to 4.6.6 and 4.4.16, where multiple protocol dissectors can enter infinite loops due to an unreachable exit condition, causing denial of service (application unresponsiveness). Severity varies by source: NVD lists CVSSv3.1 impact as High (AV:N/AC:L/PR:N/UI:N/S:...

7.5CVSS5.9AI score0.00187EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/29 10:51 p.m.11 views

CVE-2026-10648

mcumgrserialprocessfrag in subsys/mgmt/mcumgr/transport/src/serialutil.c calls netbufreset on the result of smppacketalloc before checking it for NULL. smppacketalloc uses netbufallocKNOWAIT against the shared MCUmgr packet pool CONFIGMCUMGRTRANSPORTNETBUFCOUNT, default 4, which returns NULL when...

6.2CVSS6AI score0.00109EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/04 9:31 a.m.15 views

GoBGP has an Integer Underflow Issue

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

7.5CVSS6.8AI score0.00454EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/04/30 5:37 a.m.34 views

CVE-2026-6537

Wireshark CVE-2026-6537 affects the ZigBee protocol dissector in Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14. The vulnerability is a stack-based buffer overflow in the ZigBee dissector, causing denial of service. Exploitation status and concrete fix/version are not provided in the documents; a remedia...

5.5CVSS5.2AI score0.0018EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/04/30 5:37 a.m.8 views

CVE-2026-6537

ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.0018EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/04/30 5:4 a.m.3 views

CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00193EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/01/14 9:15 p.m.6 views

AZL-74543 CVE-2026-0962 affecting package wireshark 4.4.7-1

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

6.5CVSS5.7AI score0.00206EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/01 6:6 p.m.31 views

CVE-2026-21437 eopkg vulnerable to package file list integrity bypass

eopkg is a Solus package manager implemented in python3. In versions prior to 4.4.0, a malicious package could include files that are not tracked by eopkg. This requires the installation of a package from a malicious or compromised source. Files in such packages would not be shown by lseopkg and...

2CVSS0.0015EPSS
Exploits0References4
OSV
OSV
added 2025/09/12 2:25 p.m.4 views

OESA-2025-2264 wireshark security update

Security Fixes: A vulnerability classified as problematic CWE-476 has been found in Wireshark versions 4.4.0 to 4.4.8. The application dereferences a pointer that it expects to be valid but is NULL, typically causing a crash or exit, impacting availability. Upgrading to version 4.4.9 eliminates...

7.8CVSS6.5AI score0.00194EPSS
Exploits1References2
CNVD
CNVD
added 2017/08/25 12:0 a.m.8 views

Atlassian Crucible review file upload resource cross-site scripting vulnerability

Atlassian Crucible is a suite of code review tools from Atlassian Australia. The tool provides a review process for reviewing code, discussing changes, sharing knowledge, and identifying defects. review file upload resource is one of the upload file repositories. A cross-site scripting...

5.4CVSS5.8AI score0.00818EPSS
Exploits0References1
Rows per page
Query Builder