Lucene search
K

315 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Erlang/OTP 25.3 < 27.3.4.14 / 28.0 < 28.5.0.3 / 29.0 < 29.0.3 DoS (CVE-2026-55950)

The version of Erlang/OTP installed on the remote host is 25.3 prior to 27.3.4.14, 28.0 prior to 28.5.0.3, or 29.0 prior to 29.0.3. It is, therefore, affected by a vulnerability: - Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an...

8.7CVSS6.2AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-55950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all...

8.7CVSS6AI score0.00384EPSS
Exploits0References3
NVD
NVD
added 2026/07/02 5:17 p.m.11 views

CVE-2026-55950

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS0.00384EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 5:17 p.m.3 views

UBUNTU-CVE-2026-55950

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS6AI score0.00384EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/07/02 4:6 p.m.12 views

CVE-2026-55950 DTLS listener crash via race condition in dtls_packet_demux causes denial of service for all sessions

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/02 4:6 p.m.8 views

EUVD-2026-41414

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/02 4:6 p.m.7 views

CVE-2026-55950

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/07/02 4:6 p.m.10 views

CVE-2026-55950 DTLS listener crash via race condition in dtls_packet_demux causes denial of service for all sessions

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS6AI score0.00384EPSS
Exploits0References9
OSV
OSV
added 2026/07/02 4:6 p.m.6 views

EEF-CVE-2026-55950 DTLS listener crash via race condition in dtls_packet_demux causes denial of service for all sessions

Summary Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtls\packet\demux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtls\packet\demux gen\server process to route...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References4
CVE
CVE
added 2026/07/02 4:6 p.m.16 views

CVE-2026-55950

This CVE (CVE-2026-55950) describes a TOCTOU race in Erlang/OTP ssl (dtls_packet_demux.erl) where a DTLS listener’s shared demux process can be crashed by an unauthenticated remote attacker sending rapid ClientHello datagrams from the same source IP/port. The race in the internal gb_trees store l...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2026/06/29 5:40 a.m.4 views

BIT-HAPROXY-2026-55203 HAProxy - Integer Overflow in FCGI Demux Record Length Field

HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...

9.1CVSS6AI score0.00321EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/18 4:5 p.m.3 views

CVE-2026-55203 HAProxy - Integer Overflow in FCGI Demux Record Length Field

HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...

9CVSS6.1AI score0.00321EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 4:5 p.m.27 views

CVE-2026-55203 HAProxy - Integer Overflow in FCGI Demux Record Length Field

HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...

9CVSS0.00321EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 4:5 p.m.58 views

CVE-2026-55203

HAProxy

9.1CVSS5.6AI score0.00321EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/12 12:0 a.m.7 views

CVE-2026-12893

gstreamer1-libav: gstreamer1-libav: NULL pointer dereference in gstavdemux.c error handler...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.13 views

CVE-2026-46470

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxaudiocaps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

9.1CVSS5.4AI score0.00208EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the file drivers/media/dvb-core/dmxdev.c within the Linux kernel, up to version 5.19.10, a use-after-free condition has occurred due to race conditions related to reference counts, affecting the functions dvbdemuxopen and dvbdmxdevrelease...

5.5CVSS6.5AI score0.00778EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A vulnerability related to uninitialized stack variables has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When the size is less than 4, the program calls gstbufferunmap with an...

9.8CVSS8.2AI score0.01005EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxparseblockgrouporsimpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer sub...

7.5CVSS6.2AI score0.00865EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in gst-plugins-good1.0

Integer overflow in the avidemux element within the gstavidemuxinvert function, which allows for a heap overwrite during the parsing of AVI files. There is a potential for arbitrary code execution due to the heap overwrite...

7.8CVSS7.7AI score0.00465EPSS
Exploits1References2
Rows per page
Query Builder