Lucene search
K

1314 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from design flaws in the TCP ULP support implemented in the net/smc module. This vulnerability allows an...

7.8CVSS5.3AI score0.00112EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.10 views

CVE-2026-37220

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2SETUPREQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 36421...

7.5CVSS5.5AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.8 views

CVE-2026-9054

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

9.2CVSS5.5AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.8 views

CVE-2026-39863

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted data packet sent over TCP. The...

7.5CVSS5.5AI score0.00463EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/01 5:56 p.m.15 views

Eclipse Open9J: Denial of Service in JITServer via crafted TCP message

A flaw was found in Eclipse Open9J and JITServer. A remote attacker, without needing to authenticate, can send a specially crafted 32-byte TCP message to JITServer. This action can cause JITServer to crash, leading to a Denial of Service DoS for affected systems...

8.7CVSS5.8AI score0.00517EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/01 12:0 a.m.14 views

EUVD-2026-33659

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2SETUPREQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 36421...

7.5CVSS5.8AI score0.00347EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45430

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2 SETUP REQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 364...

5.8AI score0.00347EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.28 views

CVE-2026-37220

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2SETUPREQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 36421...

0.00347EPSS
Exploits0References2
CVE
CVE
added 2026/06/01 12:0 a.m.15 views

CVE-2026-37220

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2_SETUP_REQUEST is sent. The near-RT RIC assumes a persistent SCTP↔E2 node mapping in the cleanup path and enforces this with an assert(), enabling a remote unauthenticated attacker to crash the near-RT RIC (port 36421) by compl...

7.5CVSS5.8AI score0.00347EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/01 12:0 a.m.10 views

CVE-2026-37229

FlexRIC v2.0.0 contains a reachable assertion in e2apcreatepdu triggered when ASN.1 PER decoding fails. A remote unauthenticated attacker can send any non-PER byte sequence e.g., a single 0x00 byte over SCTP to the near-RT RIC port 36421 or iApp port 36422 to crash the process via SIGABRT. The...

5.8AI score0.00624EPSS
Exploits1References2
OSV
OSV
added 2026/05/29 1:34 p.m.10 views

OESA-2026-2488 python-twisted security update

Twisted is an event-based framework for internet applications, supporting Python 2.7 and Python 3.5+. It includes modules for many different purposes, including the following: Security Fixes: A denial of service vulnerability exists in Twisted framework when handling DNS compression pointer chain...

7.5CVSS5.8AI score0.00433EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:7 a.m.8 views

sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

...

7.8CVSS5.4AI score0.00104EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.19 views

SUSE CVE-2026-46227

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...

7CVSS5.7AI score0.00104EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/05/28 8:50 p.m.12 views

CVE-2026-46015

A flaw was found in the Linux kernel's TCP networking subsystem. When an established network connection is migrated between listener sockets within the same SOREUSEPORT group, applications waiting for new connections may not be properly notified. This can cause poll, epollwait, and blocking accep...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.28 views

CVE-2026-46227

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...

7.8CVSS0.00104EPSS
Exploits0References19
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.8 views

CVE-2026-46227

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...

7.8CVSS5.7AI score0.00104EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/28 9:40 a.m.13 views

EUVD-2026-32854

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...

5.8AI score0.00104EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/28 9:40 a.m.12 views

CVE-2026-46227

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...

7.8CVSS5.7AI score0.00104EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:10 a.m.6 views

tcp: call sk_data_ready() after listener migration

...

7.8CVSS5.4AI score0.00129EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/28 2:21 a.m.17 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.8AI score0.00463EPSS
Exploits0References5
Rows per page
Query Builder