Lucene search
K

590 matches found

RedHat Linux
RedHat Linux
added 12 hours ago3 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS7.2AI score0.00302EPSS
Exploits0References5
CVE
CVE
added 2 days ago15 views

CVE-2026-13762

CVE-2026-13762 involves an vulnerability in Amazon CloudFront when AWS WAF is enabled. The issue arises from an inconsistent interpretation of HTTP/2 requests, which can allow remote actors to bypass AWS WAF managed body‑inspection by fragmenting the request body across frames so that only a part...

9.8CVSS5.8AI score0.00461EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2 days ago4 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS7.2AI score0.00302EPSS
Exploits0References5
Nuclei
Nuclei
added 3 days ago45 views

SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery

SAP BusinessObjects Business Intelligence Platform Web Services 410, 420, and 430 is susceptible to blind server-side request forgery. An attacker can inject arbitrary values as CMS parameters to perform lookups on the internal network, which is otherwise not accessible externally. On successful...

5.3CVSS6.6AI score0.61736EPSS
Exploits3References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A issue was discovered in the Linux kernel, specifically in the nfconntrackirc module. In this case, the message handling is confusing, and the messages are matched incorrectly. It is possible for a firewall to be bypassed when users use unencrypted IRC with the nfconntrackirc module enabled...

5.3CVSS6.5AI score0.01364EPSS
Exploits1References2
OSV
OSV
added 2026/06/15 5:28 p.m.11 views

GHSA-6H46-9JF5-Q59X Symfony: Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access to access_control-Protected GET Routes

Description When a firewall is configured with form-login or any authenticator using DefaultAuthenticationFailureHandler and the failureforward: true option, the handler reads the failurepath parameter from the failing login request and uses it as the path of an internal subrequest dispatched...

5.5AI score0.00058EPSS
Exploits0References6
Qualys Blog
Qualys Blog
added 2026/06/10 3:0 p.m.9 views

Turning Millions of Risks Into One Actionable List

Every security leader walks into Monday morning with the same question. The findings are there. The dashboards are running. But out of the thousands of critical vulnerabilities on that list, which ones can an attacker actually use against this organization today? Not in theory. Not in a lab. In...

5.6AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/04 2:22 a.m.7 views

SUSE CVE-2026-46244

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

5.5CVSS5.8AI score0.00302EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/03 7:56 p.m.9 views

CVE-2026-46244

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS5.8AI score0.00302EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/03 3:48 p.m.11 views

EUVD-2026-34106

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

5.8AI score0.00302EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:48 p.m.6 views

CVE-2026-46244

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

5.8AI score0.00302EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the netfilter nftinner module, which incorrectly calculates the transmission header...

9.1CVSS5.3AI score0.00302EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/05/20 8:36 a.m.89 views

HOV4X

HOV4X HOVAX - 45 Modules Security Toolkit for Penetration Test...

9.8CVSS7AI score0.99677EPSS
Exploits100
Exploit DB
Exploit DB
added 2026/05/13 12:0 a.m.93 views

coreruleset 4.21.0 - Firewall Bypass

Exploit Title: coreruleset 4.21.0 - Firewall Bypass Date: 04/08/2026 Exploit Author: Daytrift Newgen Vendor Homepage: https://github.com/coreruleset Software Link: https://github.com/coreruleset/coreruleset Version: 4.22.0/3.3.8 Tested on: Fedora, MacOS CVE : CVE-2026-21876 import base64 import o...

9.3CVSS6AI score0.13124EPSS
Exploits4
NVD
NVD
added 2026/05/01 9:16 p.m.16 views

CVE-2026-39805

Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers. 'Elixir.Bandit.Headers':getcontentlength/1 in lib/bandit/headers.ex uses List.keyfind/3, which returns only the first matching header. When a request...

6.3CVSS0.00518EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/01 8:34 p.m.39 views

CVE-2026-39805 CL.CL HTTP request smuggling via duplicate Content-Length in bandit

Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers. 'Elixir.Bandit.Headers':getcontentlength/1 in lib/bandit/headers.ex uses List.keyfind/3, which returns only the first matching header. When a request...

6.3CVSS0.00518EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.10 views

PT-2026-36541

Name of the Vulnerable Software and Affected Versions bandit versions prior to 1.11.0 Description Inconsistent interpretation of HTTP requests allows HTTP request smuggling via duplicate Content-Length headers. The function get content length in Elixir.Bandit.Headers uses List.keyfind/3, which on...

6.3CVSS5.8AI score0.00518EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/04/30 11:17 p.m.43 views

CVE-2026-22726 Route Services Firewall Bypass

Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to send requests to HTTP services on internal networks...

5CVSS0.00199EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/04/20 12:0 a.m.85 views

📄 dwatch 0.0.2 Server-Side Request Forgery

dwatch version 0.0.2 allows unauthenticated users to create monitoring tasks via the /api/task/save endpoint. The url parameter accepts arbitrary URLs and makes HTTP requests to them. Exploit Title: dwatch 0.0.2 - Unauthenticated SSRF via Task URL Date: 2026-04-18 Exploit Author: Chokri Hammedi...

5.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:34 p.m.4 views

CVE-2026-33774

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the configured firewall filter and access the control-plane of the device. On MX platform...

6.9CVSS5.9AI score0.00183EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder