Lucene search
+L

40 matches found

redhat
redhat
added 2026/07/06 9:21 p.m.4 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS7.1AI score0.00322EPSS
Exploits0References5
redhat
redhat
added 2026/07/02 2:52 p.m.7 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS5.8AI score0.00322EPSS
Exploits0References5
redhat
redhat
added 2026/07/01 9:48 a.m.6 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS7.2AI score0.00322EPSS
Exploits0References5
cve
cve
added 2026/06/25 5:46 p.m.20 views

CVE-2026-54089

CVE-2026-54089 impacts File Browser when configured with proxy authentication (auth.method=proxy). The issue allows an unauthenticated attacker who can reach the server to impersonate any user—including an administrator—by sending a single forged HTTP header. No credentials are required. Addition...

9.1CVSS5.8AI score0.00337EPSS
Exploits0References3
osv
osv
added 2026/06/25 5:46 p.m.4 views

CVE-2026-54089 File Browser: Authentication Bypass via Proxy Auth Header Forgery

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Starting with 2.0.0-rc.1, when FileBrowser is configured with proxy authentication auth.method=proxy, any unauthenticated attacker who can reach the server...

9.1CVSS5.9AI score0.00337EPSS
Exploits0References5
github
github
added 2026/06/22 5:9 p.m.9 views

Gogs has an Authentication Bypass via Unvalidated Reverse Proxy Headers

Summary When ENABLEREVERSEPROXYAUTHENTICATION is enabled, Gogs accepts the configured authentication header default: X-WEBAUTH-USER directly from client requests without validating that the request originated from a trusted reverse proxy. Any remote attacker who can reach the Gogs service can for...

8.7CVSS6AI score0.00864EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2026/06/12 9:56 p.m.34 views

CVE-2026-53832 OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration

OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate...

7.7CVSS0.00102EPSS
Exploits0References2
cve
cve
added 2026/06/12 9:56 p.m.23 views

CVE-2026-53832

CVE-2026-53832 affects OpenClaw prior to 2026.5.18. The issue is an identity header validation flaw that lets local, same-host callers forge trusted-proxy identity headers, enabling them to assume operator identity and potentially escalate privileges when they have access to the proxy-facing Gate...

7.7CVSS5.3AI score0.00102EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/06/12 9:56 p.m.4 views

CVE-2026-53832 OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration

OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate...

7.4CVSS5.9AI score0.00102EPSS
Exploits0References5
susecve
susecve
added 2026/06/04 2:22 a.m.11 views

SUSE CVE-2026-46244

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

5.5CVSS5.8AI score0.00322EPSS
Exploits0References14
redhatcve
redhatcve
added 2026/06/03 7:56 p.m.12 views

CVE-2026-46244

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS5.8AI score0.00322EPSS
Exploits0References4
osv
osv
added 2026/06/03 3:48 p.m.3 views

CVE-2026-46244 netfilter: nft_inner: Fix IPv6 inner_thoff desync

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

9.1CVSS6.6AI score0.00322EPSS
Exploits0References16
euvd
euvd
added 2026/06/03 3:48 p.m.15 views

EUVD-2026-34106

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

5.8AI score0.00322EPSS
Exploits0References5
cvelist
cvelist
added 2026/06/03 3:48 p.m.57 views

CVE-2026-46244 netfilter: nft_inner: Fix IPv6 inner_thoff desync

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

9.1CVSS0.00322EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/05/14 12:0 a.m.16 views

Fleet 安全漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.80.1 contained security...

6.9CVSS5.8AI score0.0043EPSS
Exploits0References1
snyk
snyk
added 2026/03/04 3:33 a.m.1 views

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force via the authentication rate limiting process. An attacker can bypass authentication rate limiting by forging the X-Real-IP header, allowing unlimited authentication attempts from a single source. Remediation Upgrade...

9.1CVSS5.8AI score0.00262EPSS
Exploits0References2
veracode
veracode
added 2026/02/18 10:8 a.m.10 views

IP Rate Limiting Bypass

misskey-js is vulnerable to an IP rate limiting bypass. The vulnerability is due to improper handling of the X-Forwarded-For header and an insecure default trustProxy configuration, which allows an attacker to forge client IP values and bypass rate-limiting controls...

6.9CVSS5.6AI score0.00296EPSS
Exploits1References4Affected Software1
osv
osv
added 2026/01/22 12:10 p.m.5 views

SUSE-SU-2026:0215-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2025-68973: Fix possible memory corruption in the armor parser gpg.fail/memcpybsc1255715. - Avoid potential downgrade to SHA1 in 3rd party key signatures gpg.fail/sha1 bsc1256246. - Error out on unverified output for non-detached signatures...

7.8CVSS5.8AI score0.00129EPSS
Exploits1References7
cnvd
cnvd
added 2025/11/05 12:0 a.m.3 views

WordPress OOPSpam Anti-Spam plugin IP Header Forgery Vulnerability

WordPress OOPSpam Anti-Spam plugin is an anti-spam plugin designed for WordPress that protects forms and comments from spam through AI and machine learning techniques without the use of CAPTCHA validation. The WordPress OOPSpam Anti-Spam plugin suffers from an IP header forgery vulnerability that...

5.3CVSS6.9AI score0.0031EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/10/31 12:0 a.m.7 views

WordPress plugin OOPSpam Anti-Spam 安全漏洞

WordPress OOPSpam Anti-Spam plugin is an anti-spam plugin designed for WordPress that protects forms and comments from spam through AI and machine learning techniques without the use of CAPTCHA validation. The WordPress OOPSpam Anti-Spam plugin suffers from an IP header forgery vulnerability that...

5.3CVSS6.5AI score0.0031EPSS
Exploits0References4
Rows per page
Query Builder