Lucene search
K

38 matches found

Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-15163 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service...

5.5CVSS0.00187EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.7 views

Fortinet FortiSandbox 4.4.x < 4.4.9 / 5.0.x < 5.0.6 Multiple Vulnerabilities

The version of Fortinet FortiSandbox installed on the remote host is 4.4.x prior to 4.4.9 or 5.0.x prior to 5.0.6. It is, therefore, affected by multiple vulnerabilities: - An OS command injection vulnerability may allow an unauthenticated attacker to execute unauthorized commands via specificall...

9.8CVSS7.6AI score0.23393EPSS
Exploits2References4
EUVD
EUVD
added 2026/04/30 11:3 p.m.5 views

EUVD-2026-26463

Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution...

7CVSS5.8AI score0.0018EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/30 5:34 a.m.6 views

EUVD-2026-26332

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00124EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/30 5:33 a.m.8 views

EUVD-2026-26327

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00171EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/30 5:4 a.m.3 views

CVE-2026-7378 Heap-based Buffer Overflow in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00193EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.8 views

PT-2026-36057

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description An infinite loop in the MBIM protocol dissector can lead to a denial of service. Recommendations At the moment, there is no information about a newer...

8.8CVSS5.8AI score0.0039EPSS
Exploits43References51
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36042

Name of the Vulnerable Software and Affected Versions sharkd versions 4.4.0 through 4.4.14 sharkd versions 4.6.0 through 4.6.4 Description A crash in the software allows for a denial of service, which occurs when the system becomes unavailable to its intended users. Recommendations At the moment,...

8.8CVSS6.1AI score0.0039EPSS
Exploits43References49
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.19 views

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

5.5CVSS5.8AI score0.00125EPSS
Exploits1References1
CVE
CVE
added 2026/04/14 3:38 p.m.22 views

CVE-2026-27316

The CVE-2026-27316 entry describes an insufficiently protected credentials vulnerability affecting Fortinet FortiSandbox: 5.0.0–5.0.5, FortiSandbox 4.4 (all versions), and FortiSandbox PaaS 5.0.1–5.0.5. Root cause: credentials stored or exposed in a way that can be read via client-side inspection...

2.7CVSS5.8AI score0.00305EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2026/03/27 7:52 p.m.19 views

CVE-2026-33869

Mastodon vulnerability CVE-2026-33869 affects the 4.5.x branch (before 4.5.8) and the 4.4.x branch (before 4.4.15). An attacker who knows of a quote before it reaches a server can cause the server to misprocess it, resulting in a denial of service for quote authorization. The issue does not affec...

4.8CVSS5.8AI score0.00166EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.12 views

PT-2026-28542

Name of the Vulnerable Software and Affected Versions Mastodon versions 4.5.0 through 4.5.7 Mastodon versions 4.4.0 through 4.4.14 Description Mastodon is a free, open-source social network server based on ActivityPub. An attacker who is aware of a quote before it has reached a server can prevent...

4.8CVSS5.9AI score0.00166EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/27 12:28 a.m.4 views

SUSE CVE-2026-3203

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

3.3CVSS5.8AI score0.00157EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2025/10/13 12:0 a.m.3 views

Wireshark Security Update (wnpa-sec-2025-04) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

5.5CVSS6.8AI score0.00113EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/10/13 12:0 a.m.21 views

Wireshark Security Update (wnpa-sec-2025-04) - Linux

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

5.5CVSS6.8AI score0.00113EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-7710

Malware in sbrugna...

4.9CVSS8.5AI score0.00395EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.4 views

Best Practical RT 跨站脚本漏洞

Best Practical RT is a request tracker from Best Practical, Inc. A cross-site scripting vulnerability exists in Best Practical RT versions 4.4 through 4.4.7 and 5.0 through 5.0.7, which stems from the injection of specially crafted parameters in the search URL that could lead to cross-site...

7.2CVSS5.9AI score0.00271EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.6 views

B&R Industrial Automation B&R APROL 安全漏洞

B&R Industrial Automation B&R APROL is a process control system from B&R Industrial Automation, Austria. A security vulnerability exists in B&R Industrial Automation B&R APROL versions prior to 4.4-00P5, which stems from insufficient script processing privileges and could allow an authenticated...

6.8CVSS6.2AI score0.00126EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/26 12:0 a.m.2 views

shadow-utils 安全漏洞

shadow-utils is an open source package from shadow-maint. A security vulnerability exists in shadow-utils versions 4.4 through 4.17.0, which stems from the fact that the default /etc/subuid configuration may conflict with the UIDs of local network users, leading to a risk of account takeover...

3.6CVSS6.7AI score0.004EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/12 9:33 a.m.18 views

CVE-2023-4728 LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.4 - Missing Authorization on publish_lp()

The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the publishlp function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and abov...

4.3CVSS6.6AI score0.00317EPSS
Exploits0References2
Rows per page
Query Builder