Lucene search
K

1739 matches found

Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-55314

Name of the Vulnerable Software and Affected Versions Libreswan affected versions not specified Description An invalidly formatted IKEv2 fragment can cause the pluto daemon to crash and restart, leading to a denial of service. The issue occurs within the reassemble v2 incoming fragments function,...

7.5CVSS6.4AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.10 views

CVE-2026-56116

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit a memory leak vulnerability in the IPv6 Router Advertisement route information handling. By repeatedly sending specially crafted Router Advertisements with a zero lifetime, the attacker can cause the syst...

7.1CVSS5.8AI score0.00187EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/23 4:11 p.m.6 views

EUVD-2026-38496

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

7.1CVSS5.8AI score0.00187EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.11 views

PT-2026-51565

Name of the Vulnerable Software and Affected Versions dhcpcd versions prior to 10.3.2 Description An issue in the IPv6 Router Advertisement route information handling allows an unauthenticated attacker on the same link to cause a denial of service. By repeatedly sending crafted Router...

7.1CVSS5.7AI score0.00187EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libvirt

A use-after-free flaw was discovered in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting...

6.5CVSS6.7AI score0.01217EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libvirt

A NULL pointer dereference flaw was discovered in the udevConnectListAllInterfaces function within libvirt. This issue can occur when detaching a host interface while simultaneously collecting the list of interfaces using the virConnectListAllInterfaces API. This flaw could be exploited to carry...

5.5CVSS6.3AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in avahi

A vulnerability was discovered in the avahi library. This flaw allows a non-privileged user to make a dbus call, causing the avahi daemon to crash...

5.5CVSS6.3AI score0.00392EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.7 views

SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2026:2297-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2297-1 advisory. This update for avahi fixes the following issue: - CVE-2026-34933: Prior to version 0.9-rc4, any unprivileged local use...

5.5CVSS5.3AI score0.00203EPSS
Exploits1References4
OSV
OSV
added 2026/06/12 12:28 p.m.6 views

OESA-2026-2682 sofia-sip security update

Sofia SIP is a RFC-3261-compliant library for SIP user agents and other network elements. The Session Initiation Protocol SIP is an application-layer control signaling protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telepho...

7.5CVSS7.1AI score0.01647EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2026/06/09 11:5 a.m.21 views

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-24401: uncontrolled recursion in lookuphandlecname can crash the avahi-daemon bsc1257235. CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. Patch Instructions: To install this SUSE updat...

6.5CVSS5.4AI score0.00252EPSS
Exploits1References8
OSV
OSV
added 2026/06/09 11:5 a.m.5 views

SUSE-SU-2026:2311-1 Security update for avahi

This update for avahi fixes the following issue: - CVE-2026-24401: uncontrolled recursion in lookuphandlecname can crash the avahi-daemon bsc1257235. - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546...

6.5CVSS5.4AI score0.00252EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.7 views

EulerOS Virtualization 2.10.1 : avahi (EulerOS-SA-2026-2015)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.13.0 : avahi (EulerOS-SA-2026-2159)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References4
EUVD
EUVD
added 2026/06/02 4:16 p.m.15 views

EUVD-2026-33980

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

6.3CVSS6.1AI score0.003EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/06/02 4:16 p.m.37 views

CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

6.3CVSS0.003EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45806

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS PATH mask matching implementation in nest/a-path.c. The as path match function uses a fixed-size stack array of 2048 + 1 pm pos entries, while parse path expands AS PATH segments from a receive...

6.3CVSS6.1AI score0.003EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: openvswitch (UTSA-2026-017643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017643 advisory. Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and...

9.8CVSS7.7AI score0.05493EPSS
Exploits0References4
OSV
OSV
added 2026/05/09 3:48 p.m.5 views

SUSE-SU-2026:21631-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546...

5.5CVSS5.8AI score0.00203EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:22 a.m.9 views

SUSE CVE-2026-40197

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The custom volume backup import subsystem...

7.1CVSS5.8AI score0.00299EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:22 a.m.13 views

SUSE CVE-2026-41647

Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file. This issue has been patched in version 7.0.0...

6.5CVSS5.7AI score0.00394EPSS
Exploits1References3
Rows per page
Query Builder