Lucene search
K

4824 matches found

Vulnrichment
Vulnrichment
added 6 days ago3 views

CVE-2026-29008 U-Boot 2026.04-rc3 Integer Underflow DoS via tcp_rx_state_machine()

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6AI score0.00432EPSS
Exploits0References4
CVE
CVE
added 6 days ago10 views

CVE-2026-29008

U-Boot 2026.04-rc3 contains a vulnerability in tcp_rx_state_machine() (net/tcp.c) that can crash the bootloader via a malformed TCP SYN+ACK with manipulated data offset, causing payload_len to become negative. The negative value is implicitly converted to a large unsigned integer and passed to me...

8.7CVSS6AI score0.00432EPSS
Exploits0References4
OSV
OSV
added 6 days ago4 views

CVE-2026-29008 U-Boot 2026.04-rc3 Integer Underflow DoS via tcp_rx_state_machine()

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6.1AI score0.00432EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-55490

OpenWrt is a Linux operating system targeting embedded devices. Before v25.12.5, an integer underflow in handlesenda of the Emergency Access Daemon allows any unauthenticated attacker on the local network to crash the daemon by sending a single crafted UDP packet. The message length underflows...

6.5CVSS6AI score0.00684EPSS
Exploits1References4Affected Software1
CVE
CVE
added last week9 views

CVE-2026-55490

OpenWrt OpenWrt (embedded Linux) mediateces: CVE-2026-55490 affects the Emergency Access Daemon’s handle_send_a() where an integer underflow can lead to a pre-auth DoS by an unauthenticated attacker on the local network via a crafted UDP packet. The underflow causes a bounds-check misstep, then a...

6.5CVSS6AI score0.00684EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/07 6:11 a.m.3 views

Security Bulletin: Security vulnerabilities have been found in IBM Application Gateway

Summary Security vulnerabilities have been addressed in IBM Application Gateway Vulnerability Details CVEID:CVE-2026-40355 DESCRIPTION: In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism...

7.5CVSS6AI score0.00501EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2026/07/06 2:31 p.m.4 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.9AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:59 a.m.4 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.9AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:29 a.m.3 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.9AI score0.00514EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 3:17 p.m.11 views

CVE-2026-6685

FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in fread / fwrite fp-sect - sect cc during interleaved read/write on fragmented filesystems. This maps to CWE-191 Integer Underflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 6.1...

6.1CVSS0.00205EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:47 p.m.5 views

CVE-2026-6685

FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in fread / fwrite fp-sect - sect cc during interleaved read/write on fragmented filesystems. This maps to CWE-191 Integer Underflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 6.1...

6.1CVSS5.8AI score0.00205EPSS
Exploits2References5
CVE
CVE
added 2026/07/01 1:47 p.m.38 views

CVE-2026-6685

FatFs CVE-2026-6685 affects FatFs R0.16 and earlier, where a stale dirty-cache skip can occur due to an unsigned-subtraction wrap in f_read() and f_write() during interleaved reads/writes on fragmented filesystems (fp->sect - sect < cc). The root cause is an integer underflow (CWE-191) in t...

6.1CVSS5.8AI score0.00205EPSS
Exploits2References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.10 views

PT-2026-54927

Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description An integer underflow occurs during interleaved read and write operations on fragmented filesystems. This issue is caused by an unsigned-subtraction wrap in the f read and f write functions when...

6.1CVSS6.1AI score0.00205EPSS
Exploits2References7
OSV
OSV
added 2026/06/30 11:3 p.m.3 views

SUSE-SU-2026:22459-1 Security update for pcr-oracle

This update for pcr-oracle fixes the following issues Update to 0.6.3: Security issue: - integer underflow vulnerability in parsesbatlevelsection bsc1265042. Non security issue: - Lockout Authorization error for libvirt-emulated TPM bsc1265871. Changes for pcr-oracle: + Relax TPM self-test...

5.9AI score
Exploits0References3
CVE
CVE
added 2026/06/30 1:2 p.m.32 views

CVE-2026-58016

The CVE-2026-58016 entry concerns GLib, specifically a flaw in g_dbus_node_info_new_for_xml() in gio/gdbusintrospection.c. The issue arises when parsing malformed D-Bus introspection XML (notably a element nested inside ///), causing an unsigned integer overflow and an out-of-bounds read, which ...

9.1CVSS5.8AI score0.00373EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2026/06/30 9:4 a.m.2 views

SUSE-SU-2026:22450-1 Security update for krb5

This update for krb5 fixes the following issue - CVE-2026-11850: integer underflow in berval2tldata leads to heap out-of-bounds read bsc1268131...

5CVSS5.9AI score0.00261EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-6678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption. CVE-2026-6678 Note th...

5.3CVSS6AI score0.0019EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/30 12:0 a.m.4 views

Security update for krb5 (moderate)

openSUSE security update: security update for krb5 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21021-1 Rating: moderate References: bsc1263366 bsc1263367 Cross-References: CVE-2026-40355 CVE-2026-40356 CVSS scores: CVE-2026-40355 SUSE : 5.9...

5.9CVSS6.1AI score0.00501EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/06/29 2:41 p.m.9 views

CVE-2026-58058

A flaw was found in Nmap. A remote attacker or a scanned target can send a specially crafted IPv6 response with a truncated extension header. This can lead to an integer underflow, causing out-of-bounds reads and a denial of service DoS due to a crash during raw IPv6 scans. Mitigation Mitigation...

6.9CVSS5.7AI score0.00278EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.12 views

gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

9.1CVSS5.7AI score0.00805EPSS
Exploits0References4
Rows per page
Query Builder