CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

331 matches found

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS6AI score0.02501EPSS

Exploits0References5

NVD•added 2026/04/02 3:16 p.m.•5 views

CVE-2026-31937

Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15...

7.5CVSS0.00351EPSS

Exploits0References2

CVE•added 2026/04/02 2:38 p.m.•15 views

CVE-2026-31937

CVE-2026-31937 affects Suricata (network IDS/IPS/NSM). The issue is an inefficiency in DCERPC buffering that degrades performance, occurring before version 7.0.15. The vulnerability is mitigated by upgrading to Suricata 7.0.15 or later, which patches the DCERPC buffering problem. The CVSS vector ...

7.5CVSS5.7AI score0.00351EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/04/02 2:38 p.m.•3 views

CVE-2026-31937 Suricata dcerpc: quadratic complexity in dcerpc buffering

Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15...

7.5CVSS5.8AI score0.00351EPSS

Exploits0References2

CNNVD•added 2026/04/02 12:0 a.m.•4 views

Suricata 安全漏洞

Suricata is a network IDS, IPS, and NSM engine developed by the Open Information Security Foundation. Versions of Suricata prior to 7.0.15 contained security vulnerabilities, which were caused by inefficient DCERPC buffering, potentially leading to performance degradation...

7.5CVSS5.8AI score0.00351EPSS

Exploits0References2

SUSE CVE•added 2026/01/28 12:25 a.m.•5 views

SUSE CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

7.5CVSS6AI score0.00483EPSS

Exploits0References3

UbuntuCve•added 2026/01/27 5:16 p.m.•5 views

CVE-2026-22258

7.5CVSS6AI score0.00483EPSS

Exploits0References7

Cvelist•added 2026/01/27 4:17 p.m.•19 views

CVE-2026-22258 Suricata DCERPC: unbounded fragment buffering leads to memory exhaustion

7.5CVSS0.00483EPSS

Exploits0References4

ATTACKERKB•added 2026/01/27 4:17 p.m.•4 views

CVE-2026-22258

7.5CVSS6AI score0.00483EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/01/27 4:17 p.m.•3 views

CVE-2026-22258 Suricata DCERPC: unbounded fragment buffering leads to memory exhaustion

7.5CVSS6AI score0.00483EPSS

Exploits0References4

OSV•added 2026/01/27 4:17 p.m.•6 views

CVE-2026-22258 Suricata DCERPC: unbounded fragment buffering leads to memory exhaustion

7.5CVSS6AI score0.00483EPSS

Exploits0References6

Tenable Nessus•added 2026/01/27 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-22258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits,...

7.5CVSS6AI score0.00483EPSS

Exploits0References3

VulnCheck KEV•added 2026/01/23 12:0 a.m.•4 views

VulnCheck KEV: CVE-2024-37079

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...

9.8CVSS6.1AI score0.22377EPSS

In wildExploits0References4