Lucene search
+L

398 matches found

cnnvd
cnnvd
added 2025/08/27 12:0 a.m.6 views

Linksys E1700 安全漏洞

The Linksys E1700 is a wireless router from Linksys, USA. A security vulnerability exists in Linksys E1700 version 1.0.0.4.003, which stems from a stack buffer overflow due to incorrect manipulation of the parameter ackpolicy in the file /goform/QoSSetup...

9CVSS8.9AI score0.01322EPSS
Exploits1References6
susecve
susecve
added 2025/07/09 11:23 p.m.4 views

SUSE CVE-2025-38224

In the Linux kernel, the following vulnerability has been resolved: can: kvaserpciefd: refine error prone echoskbmax handling logic echoskbmax should define the supported upper limit of echoskb allocated inside the netdevice's priv. The corresponding size value provided by this driver to...

6.5CVSS6.4AI score0.0014EPSS
Exploits0References11
osv
osv
added 2025/07/04 2:15 p.m.5 views

UBUNTU-CVE-2025-38224

In the Linux kernel, the following vulnerability has been resolved: can: kvaserpciefd: refine error prone echoskbmax handling logic echoskbmax should define the supported upper limit of echoskb allocated inside the netdevice's priv. The corresponding size value provided by this driver to...

7.1CVSS5.7AI score0.0014EPSS
Exploits0References12
redhatcve
redhatcve
added 2025/06/23 8:39 a.m.8 views

CVE-2025-4820

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

5.3CVSS7.7AI score0.00673EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/06/23 8:38 a.m.7 views

CVE-2025-4821

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

7.5CVSS7.9AI score0.00723EPSS
Exploits0References1
nvd
nvd
added 2025/06/18 4:15 p.m.7 views

CVE-2025-4820

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

5.3CVSS0.00673EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/06/18 3:47 p.m.4 views

CVE-2025-4821 Incorrect congestion window growth by invalid ACK ranges

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

7.5CVSS7.8AI score0.00723EPSS
Exploits0References1
cve
cve
added 2025/06/18 3:47 p.m.28 views

CVE-2025-4821

CVE-2025-4821 affects Cloudflare’s quiche (QUIC) prior to 0.24.4. The issue is “Incorrect congestion window growth” caused by processing invalid ACK ranges. An unauthenticated remote attacker can complete a handshake, initiate a congestion-controlled transfer, and send ACK frames covering a large...

7.5CVSS7.8AI score0.00723EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/06/18 3:47 p.m.11 views

CVE-2025-4821 Incorrect congestion window growth by invalid ACK ranges

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

7.5CVSS0.00723EPSS
Exploits0References1
cvelist
cvelist
added 2025/06/18 3:45 p.m.13 views

CVE-2025-4820 Incorrect congestion window growth by optimistic ACK

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

5.3CVSS0.00673EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/06/18 3:45 p.m.4 views

CVE-2025-4820 Incorrect congestion window growth by optimistic ACK

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

5.3CVSS5.3AI score0.00673EPSS
Exploits0References1
osv
osv
added 2025/06/18 3:45 p.m.7 views

CVE-2025-4820 Incorrect congestion window growth by optimistic ACK

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

5.3CVSS5.9AI score0.00673EPSS
Exploits0References3
alpinelinux
alpinelinux
added 2025/06/18 3:45 p.m.6 views

CVE-2025-4820

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

5.3CVSS7.2AI score0.00673EPSS
Exploits0
ptsecurity
ptsecurity
added 2025/06/17 12:0 a.m.5 views

PT-2025-26173 · Quiche · Quiche

Name of the Vulnerable Software and Affected Versions: quiche versions prior to 0.24.4 Description: The issue is related to incorrect congestion window growth, which could cause quiche to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can explo...

7.8CVSS6.7AI score0.00723EPSS
Exploits0References10
ibm
ibm
added 2025/06/09 10:29 p.m.18 views

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now included (CVE-2023-52486 CVE-2023-52881)

Summary The following vulnerabilities that can affect IBM Storage Scale System and could provide weaker than expected security are now fixed CVE-2023-52486 CVE-2023-52881. Vulnerability Details CVEID:CVE-2023-52881 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved:...

5.5CVSS7.6AI score0.00227EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2025/06/02 12:13 p.m.8 views

CVE-2025-29785

A flaw was found in quic-go. This vulnerability allows a malicious QUIC client to cause a nil-pointer dereference, leading to an application-level denial of service via specially crafted ACK packets following spoofed path validation probes. Mitigation Mitigation for this issue is either not...

7.5CVSS6.6AI score0.00402EPSS
Exploits0References6
osv
osv
added 2025/05/02 3:55 p.m.8 views

CVE-2023-53121 tcp: tcp_make_synack() can be called from process context

In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References11
osv
osv
added 2025/05/01 1:15 p.m.15 views

UBUNTU-CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References40
cve
cve
added 2025/05/01 12:55 p.m.149 views

CVE-2025-23145

CVE-2025-23145 affects the Linux kernel (MPTCP) and describes a NULL-pointer dereference in the mptcp_can_accept_new_subflow path. The root cause is that subflow_req->msk ownership could be transferred to a subflow on the first path, creating a window where a second SYN-ACK could be processed ...

5.5CVSS6.8AI score0.00176EPSS
Exploits0References10Affected Software1
akamaiblog
akamaiblog
added 2025/04/01 12:0 p.m.12 views

Anatomy of a SYN-ACK Attack

...

7.3AI score
Exploits0
Rows per page
Query Builder