CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в edk2

EDK2’s Network Package is vulnerable to an infinite loop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of availability...

7.5CVSS6.9AI score0.00462EPSS

Exploits1References2

RedhatCVE•added 2026/04/13 5:20 p.m.•2 views

CVE-2026-31415

A flaw was found in the Linux kernel. A local attacker can exploit an integer overflow vulnerability in the ip6datagramsendctl function when processing multiple IPv6 Destination Options DSTOPTS control messages. This issue causes an incorrect calculation of header sizes, leading to a buffer...

5.5CVSS6AI score0.00018EPSS

Exploits0References4

NVD•added 2026/04/13 2:16 p.m.•2 views

CVE-2026-31415

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6datagramsendctl Yiming Qian reported : I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that can panic the kernel via skbunderpanic local DoS. The core issue i...

5.5CVSS0.00018EPSS

Exploits0References8

Cvelist•added 2026/04/13 1:21 p.m.•27 views

CVE-2026-31415 ipv6: avoid overflows in ip6_datagram_send_ctl()

0.00018EPSS

Exploits0References8

ATTACKERKB•added 2026/04/13 1:21 p.m.•2 views

CVE-2026-31415

5.5AI score0.00018EPSS

Exploits0References9Affected Software1

Tenable Nessus•added 2026/01/20 12:0 a.m.•4 views

MiracleLinux 9 : edk2-20231122-6.el9 (AXSA:2024-8102:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8102:05 advisory. edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer overflow in...

8.8CVSS7.7AI score0.01EPSS

Exploits1References9

SUSE Linux•added 2025/02/28 4:27 p.m.•1 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 CVE-2023-45231: out-of-bounds...

8.3CVSS7.3AI score0.00462EPSS

Exploits1References28

GithubExploit•added 2024/11/16 5:22 p.m.•347 views

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

CVE-2024-38063 PoC | DKob & N3TCR4SH Overview This scr...

9.8CVSS9.6AI score0.89413EPSS

Exploits24

RedHat Linux•added 2024/10/15 12:38 a.m.•1 views

edk2: Infinite loop when parsing a PadN option in the Destination Options header

The Network Package in EDK2 is vulnerable to an infinite loop exploit when parsing a PadN option within the Destination Options header of IPv6. This flaw allows an unauthorized attacker to gain access and potentially result in a loss of system availability...

7.5CVSS7.3AI score0.00462EPSS

Exploits1References6

Tenable Nessus•added 2024/05/06 12:0 a.m.•32 views

Oracle Linux 9 : edk2 (ELSA-2024-2264)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2264 advisory. - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853 -...

9.4CVSS7.4AI score0.01EPSS

Exploits1References9

OSV•added 2024/03/22 11:7 a.m.•2 views

OESA-2024-1314 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage function, allowing a user to trigger a heap buffer overflow via a local network. Successful...

8.8CVSS7.3AI score0.00462EPSS

Exploits1References6

OSV•added 2024/03/22 11:7 a.m.•2 views

OESA-2024-1317 edk2 security update

8.8CVSS7.3AI score0.00462EPSS

Exploits1References6

RedHat Linux•added 2024/02/07 4:33 p.m.•0 views

kernel: memory leak in ipv6_renew_options()

A memory leak flaw was found in the Linux kernel’s IPv6 functionality in how a user triggers the setsockopt of the IPV6ADDRFORM and IPV6DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6ADDRFORM type and other processe...

5.5CVSS6.6AI score0.00095EPSS

Exploits0References5

SUSE CVE•added 2024/01/18 2:47 a.m.•1 views

SUSE CVE-2023-45232

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS6.8AI score0.00462EPSS

Exploits1References8

AlpineLinux•added 2024/01/16 4:15 p.m.•29 views

CVE-2023-45233

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS8.3AI score0.00462EPSS

Exploits1References7

OSV•added 2024/01/16 4:15 p.m.•37 views

CVE-2023-45233

7.5CVSS7AI score

Exploits0References7

OSV•added 2024/01/16 4:15 p.m.•27 views

CVE-2023-45232

7.5CVSS7AI score

Exploits0References7

OSV•added 2024/01/16 4:15 p.m.•2 views

AZL-39355 CVE-2023-45233 affecting package hvloader for versions less than 1.0.1-9