719 matches found
EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...
PT-2026-55282
Name of the Vulnerable Software and Affected Versions Eclipse Wakaama versions prior to snapshot/2026-05-26 Description An unbounded memory allocation issue exists in the CoAP Block1 handler within the coap/block.c file. Unauthenticated remote attackers can cause a denial of service by sending a...
PT-2026-54076
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the QUIC protocol implementation. This allows a remote attacker to potentially exploit heap corruption by sending malicious network traffic. Use after...
udp: clear skb->dev before running a sockmap verdict
...
CVE-2026-53070
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP over User Datagram Protocol UDP implementation. An issue with managing the transmission context across different processing units could lead to incorrect recursion level detection. This can cause network packets to b...
EUVD-2026-39326
In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...
CVE-2026-53184
The CVE-2026-53184 issue affects the Linux kernel UDP sockmap path. On UDP receive, skb->dev is repurposed as dev_scratch; when a SK_SKB verdict program uses BPF socket-lookup helpers (bpf_sk_lookup_tcp/udp, bpf_skc_lookup_tcp), skb->dev may still hold the dev_scratch value, and dev_net(skb...
CVE-2026-53184
In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...
CVE-2026-53070
In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udptunnelxmitskb udptunnelxmitskb / udptunnel6xmitskb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...
CVE-2026-12847
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...
CVE-2026-12848
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...
CVE-2026-12485
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...
CVE-2026-12485 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...
PT-2026-51657
Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default and listens for UDP messages on port 10001, contains a stack-based buffer overflow. The issue occurs when the server processes...
PT-2026-51658
Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default on UDP port 10001, processes unauthenticated discovery and configuration messages. A stack-based buffer overflow occurs because th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: UDP: The auto-bound connected sockets’ hash values are unhashed when they are disconnected from the network. Suppose we bind an UDP socket to a wildcard address with a non-zero port, then connect it to a specific address, and lat...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - UDP: Fixed a race condition between close and udpabort. - Kaustubh reported and diagnosed a panic condition in udpliblookup. The root cause is that udpabort is racing with close. Both functions attempt to acquire the socket...
Astra Linux – Vulnerability in dnsmasq
A issue was discovered in Dnsmasq before version 2.90. The default maximum EDNS.0 UDP packet size was set to 4096, but it should be 1232 due to DNS Flag Day 2020...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nbd: restricts sockets to TCP and UDP Recently, syzbot began abusing NBD using various types of sockets. The commit cf1b2326b734 “nbd: verify that sockets are supported during setup” ensured that the socket supported a shutdown...
Astra Linux – Vulnerability in Memcached
Memcached 1.6.7 allows a Denial of Service attack through multi-packet uploads in UDP...