CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3882 matches found

Cvelist•added 2026/05/06 11:28 a.m.•24 views

CVE-2026-43194 net: consume xmit errors of GSO frames

In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...

7.5CVSS0.00533EPSS

Exploits0References8

CVE•added 2026/05/06 11:28 a.m.•10 views

CVE-2026-43194

CVE-2026-43194 affects the Linux kernel networking stack where an error in handling transmit (xmit) failures for GSO frames can cause a single lost segment within a GSO frame to be misinterpreted as a complete frame loss. The issue arises when devices (e.g., veth) report errors during xmit; TCP m...

7.5CVSS5.8AI score0.00533EPSS

Exploits0References8Affected Software1

Debian CVE•added 2026/05/06 11:28 a.m.•4 views

CVE-2026-43194

7.5CVSS5.7AI score0.00533EPSS

Exploits0

NVD•added 2026/05/06 10:16 a.m.•20 views

CVE-2026-43113

In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...

8.8CVSS0.00247EPSS

Exploits0References8

Cvelist•added 2026/05/06 7:40 a.m.•44 views

CVE-2026-43113 wifi: wl1251: validate packet IDs before indexing tx_frames

8.8CVSS0.00247EPSS

Exploits0References8

ATTACKERKB•added 2026/05/06 7:40 a.m.•2 views

CVE-2026-43113

5.7AI score0.00247EPSS

Exploits0References6Affected Software1

CVE•added 2026/05/06 7:40 a.m.•21 views

CVE-2026-43113

In the Linux kernel, CVE-2026-43113 affects the wl1251 Wi‑Fi driver. The function wl1251_tx_packet_cb() uses the firmware completion ID (a raw u8) to index a fixed 16-entry wl->tx_frames[] array without validating that the ID fits. The callback can dereference out-of-range IDs. The fix rejects...

8.8CVSS5.8AI score0.00247EPSS

Exploits0References8Affected Software1

GithubExploit•added 2026/05/06 3:45 a.m.•83 views

Exploit for Double Free in Apache Http_Server

CVE-2026-23918 CVE-2026-23918: Apache HTTP/2 Double...

8.8CVSS6AI score0.42802EPSS

Exploits16

Tenable Nessus•added 2026/05/06 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes...

8.8CVSS5.8AI score0.00247EPSS

Exploits0References3

Tenable Nessus•added 2026/05/06 12:0 a.m.•11 views

RHCOS 3 : OpenShift Container Platform 3.9 (RHSA-2019:2769)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2769 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...

8.1CVSS7AI score0.83433EPSS

Exploits1References8

Positive Technologies•added 2026/05/06 12:0 a.m.•8 views

PT-2026-37423

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description An out-of-bounds array access exists in the WiFi wl1251 driver. The wl1251 tx packet cb function uses a firmware completion ID, provided as a raw u8 from the completion block, to index t...

8.8CVSS5.8AI score0.00247EPSS

Exploits0References21

Positive Technologies•added 2026/05/06 12:0 a.m.•8 views

PT-2026-37534

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel networking stack where the system incorrectly handles transmission xmit return codes for Generic Segmentation Offload GSO frames in environments witho...

8.8CVSS5.6AI score0.00533EPSS

Exploits0References118

Snyk•added 2026/05/05 1:35 p.m.•6 views

Allocation of Resources Without Limits or Throttling

Overview @openclaw/voice-call is an OpenClaw voice-call plugin Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the voice-call realtime WebSocket path when oversized WebSocket frames are accepted without proper validation. An attacker ca...

8.2CVSS5.8AI score0.00417EPSS

Exploits0References2

Snyk•added 2026/05/05 1:35 p.m.•6 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the voice-call realtime WebSocket path when oversized WebSocket frames are accepted without proper validation. An attacker can cau...

8.2CVSS5.8AI score0.00417EPSS

Exploits0References2

NVD•added 2026/05/05 12:16 p.m.•20 views

CVE-2026-42437

OpenClaw versions 2026.4.9 before 2026.4.10 contain a denial of service vulnerability in the voice-call realtime WebSocket path that accepts oversized frames without proper validation. Remote attackers can send oversized WebSocket frames to cause service unavailability for deployments exposing th...

8.2CVSS0.00417EPSS

Exploits0References3

CVE•added 2026/05/05 11:24 a.m.•12 views

CVE-2026-42437

Technical details are not publicly available in the provided documents. Monitor for updates.

8.2CVSS5.8AI score0.00417EPSS

Exploits0References3

ATTACKERKB•added 2026/05/05 11:24 a.m.•3 views

CVE-2026-42437

8.2CVSS5.8AI score0.00417EPSS

Exploits0References4Affected Software1