Lucene search
K

7084 matches found

Cvelist
Cvelist
added 2026/06/16 8:18 a.m.32 views

CVE-2026-5416 Command Injection via name parameter

Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vulnerability in the Managed Ethernet Switch, resulting in full system compromise...

8.8CVSS0.00771EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:18 a.m.16 views

CVE-2026-5416

The CVE-2026-5416 entry describes a command injection in a Managed Ethernet Switch caused by improper neutralization of special elements in a name parameter. It results in full system compromise with network-based, low-privilege, no-user-interaction exploitation (per CVSS 4.0/3.1 vectors). Connec...

8.8CVSS5.4AI score0.00771EPSS
Exploits0References1
OSV
OSV
added 2026/06/11 9:57 p.m.18 views

USN-8426-1 linux-azure-5.15, linux-azure-fips vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS5.2AI score0.96267EPSS
Exploits283References19
Ubuntu
Ubuntu
added 2026/06/11 9:57 p.m.25 views

USN-8426-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.4AI score0.96267EPSS
Exploits283
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.12 views

Ubuntu 24.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-8350-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8350-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS6.2AI score0.96267EPSS
Exploits230References9
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

Ubuntu 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8351-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8351-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS6.2AI score0.96267EPSS
Exploits230References9
CVE
CVE
added 2026/06/09 10:49 p.m.41 views

CVE-2026-46433

CVE-2026-46433 affects lldpd (LLDP implementation). Prior to version 1.0.22, lldpd_decode() incorrectly shifts frame payload when removing 802.1Q VLAN tags, using a length calculation that causes a 4-byte heap OOB read if the frame size equals the interface MTU. This vulnerability is fixed in ver...

6.5CVSS5.5AI score0.00225EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/09 4:22 p.m.15 views

USN-8412-1 qemu vulnerabilities

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly handled certain responses from an iSCSI server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary...

8.2CVSS7.7AI score0.04018EPSS
Exploits10References40
NVD
NVD
added 2026/06/09 1:16 p.m.14 views

CVE-2026-46321

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...

7.1CVSS0.00129EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/09 12:11 p.m.35 views

CVE-2026-46320 tap: free page on error paths in tap_get_user_xdp()

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

7.4CVSS0.00235EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.11 views

SUSE CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.5CVSS5.4AI score0.00389EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 5:16 p.m.19 views

CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

7.5CVSS0.00389EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 5:16 p.m.16 views

UBUNTU-CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

7.5CVSS5.3AI score0.00389EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/08 3:46 p.m.14 views

EUVD-2026-35171

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.4AI score0.00389EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:46 p.m.6 views

CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.3AI score0.00389EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.53 views

CVE-2026-46306 flow_dissector: do not dissect PPPoE PFC frames

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

7.5CVSS0.00389EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 3:46 p.m.2 views

CVE-2026-46306 flow_dissector: do not dissect PPPoE PFC frames

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

7.5CVSS6.5AI score0.00389EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of PPPoE PFC frames in the flowdissector module. This vulnerability may lead to...

7.5CVSS5.3AI score0.00389EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47377

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the flow dissector where the processing of PPPoE Protocol Field Compression PFC frames can lead to a 4-byte misalignment of the network header. This misalignment cause...

9.1CVSS5.3AI score0.00457EPSS
Exploits1References68
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.14 views

CVE-2026-38719

OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...

6.2CVSS5.5AI score0.00114EPSS
Exploits0References1
Rows per page
Query Builder