kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

EUVD-2026-16130

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...

CVE-2026-4652

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...

CVE-2026-4652

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...

CVE-2026-4652 Remote denial of service via null pointer dereference

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...

CVE-2026-4652

Summary of CVE-2026-4652 (NVMe/TCP) : A remote attacker with network access to an NVMe/TCP target can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID, leading to an unauthenticated Denial of Service. Affected systems expose an NVMe/TCP target; imp...

FreeBSD Security Advisory - FreeBSD-SA-26:07.nvmf

FreeBSD Security Advisory - On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID...

FreeBSD-SA-26:07.nvmf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:07.nvmf Security Advisory The FreeBSD Project Topic: Remote denial of service via null pointer dereference Category: core Module: nvmf Announced: 2026-03-26...

PT-2026-28218

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...

FreeBSD : FreeBSD -- Remote denial of service via null pointer dereference (11bf64f0-28d2-11f1-b35e-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 11bf64f0-28d2-11f1-b35e-bc241121aa0a advisory. On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNEC...

CVE-2026-22998

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

EUVD-2023-32464

Malicious code in bioql PyPI...

CVE-2012-2632

SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which allows remote attackers to bypass intende...

CVE-2024-27435

In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, adminq reconnect failed forever while remote target and network is ok. After dig into it, we found ...

CVE-2024-27435 nvme: fix reconnection fail due to reserved tag allocation

In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, adminq reconnect failed forever while remote target and network is ok. After dig into it, we found ...

CVE-2024-27435 nvme: fix reconnection fail due to reserved tag allocation

In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, adminq reconnect failed forever while remote target and network is ok. After dig into it, we found ...

CVE-2023-32248

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this...

Apache Pulsar Broker Improper Authentication vulnerability

Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if the client connected through the Pulsar Proxy when the broker is configured with authenticateOriginalAuthData=false or if a...

PT-2023-23342 · Mitel · Mivoice Connect

Name of the Vulnerable Software and Affected Versions: MiVoice Connect versions 9.6.2208.101 and earlier Description: A vulnerability in the Connect Mobility Router component could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficie...

CVE-2005-2984

CVE-2005-2984 affects Avocent CCM console server (firmware 2.1 CCM4850). The issue allows bypassing port restrictions by connecting to the server via SSH and using the connect command to access the serial port. CVSS 2.0 base score 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P). Practical impact is partial conf...