Lucene search
K

64 matches found

NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53134

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...

5.5CVSS0.00122EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53134

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References11
CVE
CVE
added 2026/06/25 8:38 a.m.20 views

CVE-2026-53134

A vulnerability in the Linux kernel netfilter NFT_FIB code (CVE-2026-53134) could leak uninitialized kernel stack via the OIFNAME result register on certain lookup-fail paths. The issue stems from NFT_FIB_RESULT_OIFNAME writes only a single byte and leaves the remaining IFNAMSIZ span stale in nft...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

Ubuntu 24.04 LTS / 25.10 : Foomuuri vulnerabilities (USN-8326-1)

The remote Ubuntu 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8326-1 advisory. Matthias Gerstner discovered that Foomuuri's D-Bus service did not properly enforce authorization. An unprivileged local attacker could possibly...

7CVSS5.8AI score0.00171EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/05/27 5:43 p.m.19 views

USN-8326-1: Foomuuri vulnerabilities

Matthias Gerstner discovered that Foomuuri's D-Bus service did not properly enforce authorization. An unprivileged local attacker could possibly use this issue to manipulate the firewall configuration, contrary to expectations. CVE-2025-67603 Matthias Gerstner discovered that Foomuuri's D-Bus...

7CVSS5.8AI score0.00171EPSS
Exploits0
OSV
OSV
added 2026/05/27 5:43 p.m.12 views

USN-8326-1 foomuuri vulnerabilities

Matthias Gerstner discovered that Foomuuri's D-Bus service did not properly enforce authorization. An unprivileged local attacker could possibly use this issue to manipulate the firewall configuration, contrary to expectations. CVE-2025-67603 Matthias Gerstner discovered that Foomuuri's D-Bus...

7CVSS5.8AI score0.00171EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/05 2:20 p.m.15 views

CVE-2026-22679

Weaver Fanwei E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft PO...

9.8CVSS6.8AI score0.2148EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/07 3:30 p.m.8 views

EUVD-2026-19607

Weaver Fanwei E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft PO...

9.8CVSS6.7AI score0.2148EPSS
Exploits1References5
NVD
NVD
added 2026/04/07 1:16 p.m.6 views

CVE-2026-22679

Weaver Fanwei E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft PO...

9.8CVSS0.2148EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/07 12:51 p.m.5 views

CVE-2026-22679

Weaver Fanwei E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft PO...

9.8CVSS6.7AI score0.2148EPSS
Exploits1References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/02 12:0 a.m.3 views

Security update for net-tools (moderate)

openSUSE security update: security update for net-tools ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20437-1 Rating: moderate References: bsc1243581 bsc1248410 bsc1248687 bsc142461 bsc430864 bsc544339 Cross-References: CVE-2025-46836 CVSS scores:...

6.6CVSS7AI score0.00165EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/27 5:9 p.m.4 views

CVE-2026-23995

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

8.4CVSS6.3AI score0.00211EPSS
Exploits1References1
NVD
NVD
added 2026/03/26 3:16 p.m.11 views

CVE-2026-23995

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

8.4CVSS0.00211EPSS
Exploits1References1
OSV
OSV
added 2026/03/26 3:12 p.m.2 views

OPENSUSE-SU-2026:20437-1 Security update for net-tools

This update for net-tools fixes the following issues: - Fix stack buffer overflow in parsehex bsc1248687, GHSA-h667-qrp8-gj58. - Fix stack-based buffer overflow in procgenfmt bsc1248687, GHSA-w7jq-cmw2-cq59. - Avoid unsafe memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom...

6.6CVSS6.9AI score0.00165EPSS
Exploits0References7
OSV
OSV
added 2026/03/26 3:12 p.m.4 views

SUSE-SU-2026:20940-1 Security update for net-tools

This update for net-tools fixes the following issues: - Fix stack buffer overflow in parsehex bsc1248687, GHSA-h667-qrp8-gj58. - Fix stack-based buffer overflow in procgenfmt bsc1248687, GHSA-w7jq-cmw2-cq59. - Avoid unsafe memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom...

6.6CVSS6.9AI score0.00165EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/03/26 2:36 p.m.3 views

CVE-2026-23995 EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

8.4CVSS6.3AI score0.00211EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 2:36 p.m.1 views

CVE-2026-23995

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

8.4CVSS6.3AI score0.00211EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/26 2:36 p.m.4 views

CVE-2026-23995 EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

8.4CVSS6.3AI score0.00211EPSS
Exploits1References3
CVE
CVE
added 2026/03/26 2:36 p.m.17 views

CVE-2026-23995

EVerest has a stack-based buffer overflow in the CAN interface initialization. If a CAN interface name exceeds IFNAMSIZ (16), touching CAN open routines overflows the stack via ifreq.ifr_name, potentially leading to code execution. This affects versions prior to 2026.02.0; the patch is included i...

8.4CVSS6.3AI score0.00211EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/03/26 2:36 p.m.21 views

CVE-2026-23995 EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

8.4CVSS0.00211EPSS
Exploits1References1
Rows per page
Query Builder