22 matches found
Astra Linux - vulnerability in net-snmp
The handle_ipv6IpForwarding function in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP versions 5.4.3 to 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...
RHEL 9 : corosync (RHSA-2026:14210)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14210 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...
Moderate: Red Hat Security Advisory: corosync security update
An update for corosync is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
corosync security update
An update is available for corosync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The corosync packages provide the Corosync Cluster Engine and C APIs for...
RLSA-2026:13644 Moderate: corosync security update
The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091); corosync: Denial of Service via integer overflow in join message...
CVE-2026-33602
A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...
SUSE-SU-2026:21224-1 Security update for corosync
This update for corosync fixes the following issues: CVE-2026-35091: Denial of Service and information disclosure via crafted UDP packet (bsc1261299). CVE-2026-35092: Denial of Service via integer overflow in join message validation (bsc1261300)...
CVE-2026-26478
The vulnerability CVE-2026-26478 affects Mobvoi TicHome Mini smart speakers (models 012-18853 and 027-58389). A shell command injection flaw lets remote attackers craft a UDP datagram to execute arbitrary shell code as root. Details provided indicate impact is root-level code execution via networ...
VulnCheck KEV: CVE-2024-12248
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...
CVE-2025-68381 Packetbeat Improper Bounds Check
Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow (CAPEC-100) and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number...
CVE-2025-59668
CVE-2025-59668 affects NIHON KOHDEN Central Monitor CNS-6201. Multiple versions are vulnerable to a NULL pointer dereference when processing a specially crafted UDP packet, causing the receiving process to terminate abnormally and leading to a denial-of-service. The attack is network-based with n...
PT-2024-20956 · Unknown · Shixcam A9 Camera
Name of the Vulnerable Software and Affected Versions: SHIXCAM A9 Camera version v.CYCAM 48B BC01 v87 0903 Description: An issue in the SHIXCAM A9 Camera firmware allows a remote attacker to obtain sensitive information via a crafted request to a UDP port. Recommendations: For version v.CYCAM 48B...
CVE-2024-20308
A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properl...
net-snmp: NULL Pointer Exception when handling ipDefaultTTL
A vulnerability was found in Net-SNMP. This issue occurs because the handle_ipDefaultTTL function in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP has a NULL Pointer Exception flaw that allows a remote attacker who has write access to cause the instance to crash via a crafted UDP packet,...
DEBIAN-CVE-2022-47516
An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that leads to a failure of the libsofia-sip-ua/tport/tport.c self assertion...
drachtio-server security vulnerability
drachtio-server is an open source SIP server from drachtio built on the sofia SIP stack. A security vulnerability exists in drachtio-server prior to version 0.8.20 that could allow a remote attacker to cause a denial of service (daemon crash) via a crafted UDP message,...
PT-2022-7452
Name of the Vulnerable Software and Affected Versions: Net-SNMP versions 5.4.3 through 5.9.3 Description: The issue is related to a NULL Pointer Exception bug in the handle_ipv6IpForwarding function. This bug can be exploited by a remote attacker using a specially crafted UDP packet, resulting in a...
CVE-2022-25218
The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's...