Lucene search
+L

102 matches found

OSV
OSV
added 2026/06/25 9:16 a.m.9 views

UBUNTU-CVE-2026-53253

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

7.1CVSS5.7AI score0.00274EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/25 8:39 a.m.9 views

EUVD-2026-39204

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

5.7AI score0.00274EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

SUSE SLES15 Security Update : kubernetes1.27 (SUSE-SU-2026:2339-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2339-1 advisory. This update for kubernetes1.27 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transpo...

8.7CVSS5.5AI score0.00781EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/11 8:31 a.m.11 views

EUVD-2026-36217

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory OOM Denial of Service DoS attack due to unbounded frame count processing in the VideoMediaIO.loadbase64 method. When processing video/jpeg data URLs, the method splits the base64 data string on commas to extract individual JPEG fram...

7.5CVSS5.5AI score0.00543EPSS
Exploits1References2
OSV
OSV
added 2026/06/10 1:14 p.m.6 views

SUSE-SU-2026:2340-1 Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. - CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

8.7CVSS5.4AI score0.00781EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2026/06/09 2:34 p.m.10 views

Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
OSV
OSV
added 2026/06/09 2:34 p.m.6 views

SUSE-SU-2026:2325-1 Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. - CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

8.7CVSS5.4AI score0.00781EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.12.1 : binutils (EulerOS-SA-2026-2071)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with...

7.8CVSS5.2AI score0.00256EPSS
Exploits5References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.17 views

CVE-2026-37539

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted CAN FD frames...

9.8CVSS6.1AI score0.00544EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.18 views

CVE-2026-10099

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

5.1CVSS5.8AI score0.00125EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 4:16 p.m.17 views

CVE-2026-10099

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

5.1CVSS0.00125EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/29 3:58 p.m.40 views

CVE-2026-10099 XX-Net V5.16.6 WebSocket Frame Parsing Data Corruption via simple_http_server.py

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

5.1CVSS0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/05/29 3:58 p.m.3 views

CVE-2026-10099 XX-Net V5.16.6 WebSocket Frame Parsing Data Corruption via simple_http_server.py

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

5.1CVSS6AI score0.00125EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

XX-Net 安全漏洞

XX-Net is an open-source network stealth proxy tool developed by XX-Net. Version 5.16.6 of XX-Net contains a security vulnerability. This vulnerability stems from issues with WebSocket frame parsing in the WebSocketreceiveworker routine within simplehttpserver.py, which may lead to corruption of...

5.1CVSS5.8AI score0.00125EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-44889

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocket receive worker routine of simple http server.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

5.1CVSS5.8AI score0.00125EPSS
Exploits0References5
OSV
OSV
added 2026/05/26 10:49 p.m.10 views

GO-2026-4958 Uncontrolled resource consumption when parsing SPDY frames in github.com/moby/spdystream

The SPDY/3 frame parser in spdystream does not validate attacker-controlled counts and lengths before allocating memory. A remote peer that can send SPDY frames to a service using spdystream can cause the process to allocate gigabytes of memory with a small number of malformed control frames,...

8.7CVSS5.9AI score0.00656EPSS
Exploits0References3
NVD
NVD
added 2026/05/01 5:16 p.m.4 views

CVE-2026-37539

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted CAN FD frames...

9.8CVSS0.00544EPSS
Exploits0References2
NVD
NVD
added 2026/05/01 3:16 p.m.6 views

CVE-2026-43032

In the Linux kernel, the following vulnerability has been resolved: NFC: pn533: bound the UART receive buffer pn532receivebuf appends every incoming byte to dev-recvskb and only resets the buffer after pn532uartrxisframe recognizes a complete frame. A continuous stream of bytes without a valid...

5.5CVSS0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 12:0 a.m.7 views

EUVD-2026-26692

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted CAN FD frames...

9.8CVSS6.3AI score0.00544EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.9 views

cannelloni 安全漏洞

cannelloni is an Ethernet-based socketCAN tunneling tool from the individual developer Maximilian Güntner. A security vulnerability exists in cannelloni version v2.0.0, which stems from a buffer overflow in the parseCANFrame function in parser.cpp and in the decodeFrame function in decoder.cpp wh...

9.8CVSS6.4AI score0.00544EPSS
Exploits0References1
Rows per page
Query Builder