Lucene search
K

7041 matches found

SUSE CVE
SUSE CVE
added 2025/08/28 11:22 p.m.2 views

SUSE CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS6.9AI score0.00495EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/28 9:41 p.m.3 views

CVE-2025-40779

A vulnerability was found in Kea. When an attacker who is an existing client with an assigned IP sends a crafted unicast packet directly to the server's IP and Kea cannot find any subnets that match that client's credentials, the server crashes causing a Denial of Service via assertion/NULL-path...

7.5CVSS6.3AI score0.00495EPSS
Exploits0References4
NVD
NVD
added 2025/08/27 9:15 p.m.3 views

CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS0.00495EPSS
Exploits0References2
OSV
OSV
added 2025/08/27 9:15 p.m.6 views

CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS7AI score0.00495EPSS
Exploits0References2
OSV
OSV
added 2025/08/27 9:15 p.m.2 views

UBUNTU-CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS5.8AI score0.00495EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/27 8:23 p.m.11 views

CVE-2025-40779 Kea crash upon interaction between specific client options and subnet selection

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS0.00495EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 8:23 p.m.40 views

CVE-2025-40779

CVE-2025-40779 affects Kea DHCP server: when a DHCPv4 client unicast request includes specific options and Kea cannot select a subnet, kea-dhcp4 aborts with an assertion. Affected versions are Kea 2.7.1–2.7.9, 3.0.0, and 3.1.0. Public advisories and Nessus plugins indicate fixes in Kea 3.0.1 (and...

7.5CVSS7.1AI score0.00495EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/08/27 8:23 p.m.5 views

CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS6.6AI score0.00495EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2020-36228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial o...

7.5CVSS7.3AI score0.83381EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-33263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QuickJS commit 3b45d15 was discovered to contain an Assertion Failure via JSFreeRuntimeJSRuntime at quickjs.c. CVE-2024-33263 Note that Nessus relies on the...

4CVSS4.8AI score0.00316EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2018-4212

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected...

8.8CVSS7.8AI score0.02045EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-6497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file...

4.8CVSS4.7AI score0.00134EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-29935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.countop && operation was already replaced. CVE-2023-29935 Note that...

5.5CVSS6.4AI score0.00221EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-53429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open62541 v1.4.6 is has an assertion failure in fuzzbinarydecode, which leads to a crash. CVE-2024-53429 Note that Nessus relies on the presence of the package ...

7.5CVSS5.4AI score0.00711EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/08/26 1:26 p.m.2 views

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

7.5CVSS5.8AI score0.01149EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

openSUSE 15 Security Update : cmake3 (SUSE-SU-2025:02975-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02975-1 advisory. - CVE-2025-9301: Fixed assertion failure due to improper validation bsc1248461 Tenable has extracted the preceding description block directly from the SUSE...

4.8CVSS4.8AI score0.00135EPSS
Exploits0References4
OSV
OSV
added 2025/08/26 12:0 a.m.7 views

ALSA-2025:14625 Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modproxyhttp2: untrusted input from a client causes an assertion to fail in the Apache modproxyhttp2 module CVE-2025-49630 For more details about the security...

7.5CVSS6.9AI score0.01149EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/08/25 11:33 p.m.3 views

SUSE CVE-2025-9403

A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function runjqtests of the file jqtest.c of the component JSON Parser. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Othe...

3.3CVSS3.8AI score0.00194EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/08/25 12:3 p.m.3 views

Security update for cmake3

This update for cmake3 fixes the following issues: CVE-2025-9301: Fixed assertion failure due to improper validation bsc1248461 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

4.6CVSS3.8AI score0.00135EPSS
Exploits0References4
OSV
OSV
added 2025/08/25 12:3 p.m.2 views

SUSE-SU-2025:02976-1 Security update for cmake3

This update for cmake3 fixes the following issues: - CVE-2025-9301: Fixed assertion failure due to improper validation bsc1248461...

4.8CVSS5.8AI score0.00135EPSS
Exploits0References3
Rows per page
Query Builder