Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-55952

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS5.9AI score
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-53328

A flaw was found in the Linux kernel's schedext component. When systemd's user manager interacts with subtreecontrol while schedext is loaded, a warning can be triggered. This occurs due to a mismatch in how cgroup and css identities are handled during task migration, potentially leading to syste...

5.7AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2026/05/11 2:40 p.m.5 views

GHSA-G588-CJG3-6G78 Steamworks game clients/servers using P2P authentication vulnerable to denial of service

Processing the raw ValidateAuthTicketResponset callback data panics when the meAuthSessionResponse field is kEAuthSessionResponseAuthTicketNetworkIdentityFailure. This can lead to denial of service in game clients and servers using the beginauthenticationsession API to authenticate players if a...

6.3CVSS5.8AI score
Exploits0References3
RustSec
RustSec
added 2026/05/05 12:0 p.m.10 views

Denial of service in Steamworks game clients/servers using P2P authentication

Processing the raw ValidateAuthTicketResponset callback data panics when the meAuthSessionResponse field is kEAuthSessionResponseAuthTicketNetworkIdentityFailure. This can lead to denial of service in game clients and servers using the beginauthenticationsession API to authenticate players if a...

5.8AI score
Exploits0Affected Software1
OSV
OSV
added 2026/05/05 12:0 p.m.4 views

RUSTSEC-2026-0121 Denial of service in Steamworks game clients/servers using P2P authentication

Processing the raw ValidateAuthTicketResponset callback data panics when the meAuthSessionResponse field is kEAuthSessionResponseAuthTicketNetworkIdentityFailure. This can lead to denial of service in game clients and servers using the beginauthenticationsession API to authenticate players if a...

5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/01 10:59 p.m.9 views

Ella Core Has Audit Log Falsification via Path/Body IMSI Mismatch in UpdateSubscriber

Summary The PUT /api/v1/subscriber/imsi API accepts an IMSI identifier from both the URL path and the JSON request body but never verifies they match. This allows an authenticated NetworkManager to modify any subscriber's policy while the audit trail records a fabricated or unrelated subscriber...

2.7CVSS5.9AI score0.00185EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/01 10:59 p.m.2 views

GHSA-XW45-CC32-442F Ella Core Has Audit Log Falsification via Path/Body IMSI Mismatch in UpdateSubscriber

Summary The PUT /api/v1/subscriber/imsi API accepts an IMSI identifier from both the URL path and the JSON request body but never verifies they match. This allows an authenticated NetworkManager to modify any subscriber's policy while the audit trail records a fabricated or unrelated subscriber...

2.7CVSS5.9AI score0.00185EPSS
Exploits0References5
CVE
CVE
added 2026/03/21 12:42 a.m.9 views

CVE-2026-32065

Summary (concrete): CVE-2026-32065 affects OpenClaw

6.5CVSS6.1AI score0.0029EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2025/01/02 9:44 p.m.4 views

libreswan: Invalid IKEv1 Quick Mode ID causes restart

A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or...

6.5CVSS5.7AI score0.00691EPSS
Exploits0References6
Rows per page
Query Builder