Lucene search
K

17 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-41413

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score0.00345EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-54886

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score0.00345EPSS
Exploits0References6Affected Software1
OSV
OSV
added 4 days ago3 views

EEF-CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop

Summary Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh ssh\sftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handle\data/4 function in ssh\sftpd contains a catch-all clause that accepts channel data of any...

5.3CVSS6AI score0.00345EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-9002 IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

6.5CVSS0.00269EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53215

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS5.9AI score0.00546EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel’s BPF subsystem. This...

5.9AI score0.00178EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28771

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...

5.9AI score0.00414EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39125

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net/mlx5e component regarding XDP multi-buf fragment counting for legacy RQ. XDP multi-buf programs can modify the XDP buffer layout when calling bpf xdp pull data...

7.5CVSS5.9AI score0.00402EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.10 views

CVE-2026-23343

In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail, clearly...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/24 3:30 p.m.3 views

EUVD-2023-60290

In the Linux kernel, the following vulnerability has been resolved: net: core: remove unnecessary framesz check in bpfxdpadjusttail Syzkaller reported the following issue: ======================================= Too BIG xdp-framesz = 131072 WARNING: CPU: 0 PID: 5020 at net/core/filter.c:4121...

5.8AI score0.00168EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sfc driver failing to reinitialize the xdp queue after changing the size of the rx/tx ring buffer, causi...

5.5CVSS5.5AI score0.00231EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2024/08/08 7:0 a.m.5 views

xdp: Remove WARN() from __xdp_reg_mem_model()

...

5.5CVSS7.3AI score0.00249EPSS
Exploits0
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress SLP – Extended Data Manager Plugin <= 6.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SLP – Extended Data Manager Type Plugin Vulnerable versions = 6.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d2e98c75731 Credits Rafie Muhammad...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.15 views

WordPress SLP – Extended Data Manager plugin < 5.9.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress SLP – Extended Data Manager plugin versions 5.9.1. Solution Update the WordPress SLP – Extended Data Manager plugin to the latest available version at least 5.9.1...

3.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.10 views

WordPress SLP – Extended Data Manager plugin < 5.9.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress SLP – Extended Data Manager plugin versions 5.9.1. Solution Update the WordPress SLP – Extended Data Manager plugin to the latest available version at least 5.9.1...

2.6AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/03/10 8:15 p.m.4 views

CVE-2020-9044

XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server ADS, ADS-Lite versions 10.1 and prior; Metasys Extended Application and...

9.1CVSS7.3AI score0.01286EPSS
Exploits0References2
Nextcloud
Nextcloud
added 2019/04/12 12:0 a.m.33 views

Improper share updates could result in extended data access (NC-SA-2019-003)

A bug could expose more data in reshared link shares than intended by the sharer...

5.5CVSS2.2AI score0.01036EPSS
Exploits1Affected Software1
Rows per page
Query Builder