Lucene search
K

10 matches found

Cvelist
Cvelist
added yesterday13 views

CVE-2026-57082 Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG

Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG. The MSE Message Stream Encryption handshake derives its 160-bit Diffie-Hellman private key from Perl's rand, a non-cryptographic drand48-class generator seeded once per...

Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57081 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input

Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches captu...

Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-40290

Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches captu...

7.5CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-57079

Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata. Net::BitTorrent validates file path components only on the .torrent-file ingest path. The peer and magnet metadata path onmetadatareceived, reached from the BEP...

5.3CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-40288

Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata. Net::BitTorrent validates file path components only on the .torrent-file ingest path. The peer and magnet metadata path onmetadatareceived, reached from the BEP...

5.3CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

5.5CVSS5.8AI score0.00143EPSS
Exploits1References1
Talos Blog
Talos Blog
added 2026/03/05 11:0 a.m.45 views

UAT-9244 targets South American telecommunication providers with three new malware implants

Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat APT actor closely associated with Famous Sparrow. Since 2024, UAT-9244 has targeted critical telecommunications infrastructure, including Windows and Linux-based endpoints and edge...

6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.5 views

The vulnerability of BitTorrent DHT traffic analyzer software from Wireshark allows a hacker to cause a service failure.

The vulnerability of BitTorrent DHT traffic analyzer software from Wireshark involves executing a loop with an unavailable exit condition. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted packets...

7.8CVSS7.2AI score0.03879EPSS
Exploits1References10Affected Software4
CNVD
CNVD
added 2017/03/30 12:0 a.m.3 views

Gazelle cross-site scripting vulnerability (CNVD-2017-05628)

Gazelle is a set of web frameworks for BitTorrent trackers. A cross-site scripting vulnerability exists in versions of Gazelle prior to 2017-03-19. A remote attacker can exploit the vulnerability to execute arbitrary HTML and script...

6.1CVSS6.5AI score0.01073EPSS
Exploits0References1
OSV
OSV
added 2015/08/13 2:59 p.m.2 views

UBUNTU-CVE-2015-5685

The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing."...

7.5CVSS6.2AI score0.05511EPSS
Exploits0References2
Rows per page
Query Builder