Lucene search
+L

3186 matches found

EUVD
EUVD
added 2026/06/12 2:19 p.m.11 views

EUVD-2026-36451

Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping t...

7.5CVSS5.4AI score0.0038EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/12 2:19 p.m.12 views

CVE-2026-46340 Netty: SCTP reassembly nests buffers without bound

Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping t...

7.5CVSS5.4AI score0.0038EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 2:19 p.m.76 views

CVE-2026-46340

Netty SCTP reassembly vulnerability (CVE-2026-46340) affects netty-transport-sctp before 4.1.135.Final and 4.2.15.Final. For each non-complete SctpMessage fragment, fragments are accumulated by wrapping the previous accumulator with the new slice into a new CompositeByteBuf, creating an unbounded...

7.5CVSS5.4AI score0.0038EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/11 1:28 p.m.14 views

netty-incubator-codec-ohttp's Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access

The netty-incubator-codec-ohttp library implements Oblivious HTTP RFC 9458 using BoringSSL's HPKE C library via JNI. When deriving native memory addresses for cryptographic operations, provides a fallback path for direct ByteBufs that do not expose their memory address through hasMemoryAddress...

9.1CVSS5.8AI score0.00174EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/11 1:26 p.m.19 views

Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Impact The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state depths field but defines no channelInactive, handlerRemoved, or...

8.7CVSS5.5AI score0.005EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/06/11 1:26 p.m.10 views

GHSA-6JV9-X5W9-2CCM Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Impact The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state depths field but defines no channelInactive, handlerRemoved, or...

8.7CVSS5.5AI score0.005EPSS
Exploits0References9
OSV
OSV
added 2026/06/11 9:12 a.m.4 views

SUSE-SU-2026:2367-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. - CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. - CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708...

9.1CVSS5.3AI score0.01335EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2026/06/11 9:12 a.m.7 views

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...

8.8CVSS5.5AI score0.01335EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/10 12:40 p.m.10 views

EUVD-2026-36012

Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rustdemangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary analys...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/10 12:40 p.m.40 views

CVE-2026-52753 Ghidra < 12.0.3 - Out-of-Memory in Rust Symbol Demangler via Malformed Symbol

Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rustdemangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary analys...

6.7CVSS0.00151EPSS
Exploits1References2
OSV
OSV
added 2026/06/10 12:40 p.m.2 views

CVE-2026-52753 Ghidra < 12.0.3 - Out-of-Memory in Rust Symbol Demangler via Malformed Symbol

Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rustdemangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary analys...

6.7CVSS6AI score0.00151EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

National Security Agency Ghidra 安全漏洞

National Security Agency Ghidra is a software reverse-engineering framework developed by the National Security Agency NSA. Versions of National Security Agency Ghidra prior to 12.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the rustdemangle function, which allocated...

6.7CVSS5.3AI score0.00151EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.13 views

CVE-2026-34194

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...

7.1CVSS5.5AI score0.00116EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 1:41 p.m.13 views

CVE-2026-46323

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS5.4AI score0.00137EPSS
Exploits0References10
OSV
OSV
added 2026/06/09 1:16 p.m.10 views

UBUNTU-CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS5.3AI score0.00137EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/09 12:11 p.m.12 views

CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS5.3AI score0.00137EPSS
Exploits0
OSV
OSV
added 2026/06/09 12:11 p.m.2 views

CVE-2026-46323 net: gro: don't merge zcopy skbs

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS6.5AI score0.00137EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2026/06/09 11:18 a.m.8 views

cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces APIs that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...

9.8CVSS5.6AI score0.00652EPSS
Exploits0References7
Veracode
Veracode
added 2026/06/09 9:19 a.m.12 views

Denial Of Service (DoS)

Netty is vulnerable to Denial of Service DoS. The vulnerability is due to unbounded accumulation of incomplete SCTP message fragments in nested CompositeByteBuf structures without limits on fragment count, size, or stream identifiers, which allows an attacker to exhaust memory and processing...

7.5CVSS5.5AI score0.0038EPSS
Exploits0References8Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.12 views

SUSE CVE-2026-46301

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind...

6.4CVSS5.4AI score0.00117EPSS
Exploits0References3
Rows per page
Query Builder