13 matches found
EUVD-2026-23950
Potential out-of-bounds read in wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out-of-bounds read after establishing a connection, which would leak the adjacent stack memory to the pseudo-console output...
CVE-2026-4247 TCP: remotely exploitable DoS vector (mbuf leak)
When a challenge ACK is to be sent, tcp_respond() constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent, the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...
ROS-20260129-73-0073
A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already established network connection, without opening new network connections and without acknowledging the receipt of packets. Exploitation of the vulnerability could allo...
MGASA-2025-0046 Updated qtbase5 & qtbase6 packages fix security vulnerabilities
network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. CVE-2023-51714 A buffer overflow and application crash can occur via a crafted KTX image file. CVE-2024-25580 Code to make security-relevant decisions about an established connection may execute too early, because...
ROS-20240712-03
A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a request flow within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementation is...
ROS-20231107-01
A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service...
Windows Inject PE Files, Find Tag Ordinal Stager
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Unix TTY, Interact with Established Connection
Interacts with a TTY on an established socket connection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single def initializeinfo = supermergeinfoinfo,...
Debian Security Advisory DSA 389-1 (ipmasq)
The remote host is missing an update to ipmasq announced via advisory DSA 389-1. OpenVAS Vulnerability Test $Id: deb3891.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 389-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Unix Command, Interact with Established Connection
Interacts with a shell on an established socket connection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions...
Windows Meterpreter (skape/jt Injection), Find Tag Ordinal Stager
Inject the meterpreter server DLL staged. Use an established connection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 92 include Msf::Payload::Stager include Msf::Payload::Window...
PT-1999-1099 · Linux · Linux
Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.0.36 Description: The issue allows remote attackers to spoof a TCP connection and pass data to the application layer before fully establishing the connection. Recommendations: For Linux versions prior to 2.0.36, upda...