CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10

A issue was discovered in the Linux kernel through version 5.16.11. The mixed IPID assignment method, combined with the hash-based IPID assignment policy, allows an off-path attacker to inject data into a victim’s TCP session or terminate that session...

5.9CVSS6.7AI score0.00039EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-10849

Malware in sbrugna...

6.1CVSS6.6AI score0.00282EPSS

Exploits1References2

RedHat Linux•added 2024/05/02 4:59 p.m.•0 views

kernel: off-path attacker may inject data or terminate victim's TCP session

A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack MITM performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...

5.9CVSS6.7AI score0.00039EPSS

Exploits0References5

Tenable Nessus•added 2024/01/16 12:0 a.m.•48 views

EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2023-3418)

According to the versions of the kernel package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment...

7.8CVSS6.6AI score0.00221EPSS

Exploits4References29

OSV•added 2023/04/12 9:13 p.m.•4 views

USN-6014-1 linux, linux-kvm, linux-lts-xenial vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service connection termination or inject forged data. CVE-2020-36516 Ke Sun, Alyssa Milburn,...

7.8CVSS7.2AI score0.0045EPSS

Exploits25References52

OSV•added 2023/04/12 2:41 p.m.•2 views

USN-6013-1 linux-aws vulnerabilities

7.8CVSS7.1AI score0.0045EPSS

Exploits25References51

OSV•added 2023/04/06 12:13 a.m.•3 views

USN-6001-1 linux-aws vulnerabilities

7.8CVSS7.1AI score0.0045EPSS

Exploits25References51

SUSE CVE•added 2023/02/15 3:50 a.m.•1 views

SUSE CVE-2020-36516

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session...

8.1CVSS6.6AI score0.00039EPSS

Exploits0References36

Veracode•added 2023/01/28 12:46 a.m.•55 views

Spoofing Attack

kernel is vulnerable to Spoofing Attack. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session, where a Man-in-the-Middle Attack MITM performs an IP fragmentation attack and an...

5.9CVSS6.5AI score0.00039EPSS

Exploits0References8Affected Software2

Tenable Nessus•added 2022/11/22 12:0 a.m.•34 views

Oracle Linux 9 : kernel (ELSA-2022-8267)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8267 advisory. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Wander Lairson Costa 2116968 CVE-2022-2585 - fix race between exititimers and...

7.8CVSS7.2AI score0.05077EPSS

Exploits21References31

Tenable Nessus•added 2022/09/17 12:0 a.m.•42 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3291-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3291-1 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment...

7.8CVSS7.2AI score0.54307EPSS

Exploits15References50

Tenable Nessus•added 2022/09/08 12:0 a.m.•52 views

SUSE SLES15 Security Update : kernel (Live Patch 29 for SLE 15 SP2) (SUSE-SU-2022:3088-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3088-1 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment...

7.8CVSS6.7AI score0.00168EPSS

Exploits1References7

Tenable Nessus•added 2022/09/06 12:0 a.m.•38 views

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2022:3072-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3072-1 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment...

7.8CVSS7AI score0.05077EPSS

Exploits4References13

OpenVAS•added 2022/06/07 12:0 a.m.•24 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1791)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.00881EPSS

Exploits3References2

Tenable Nessus•added 2022/06/06 12:0 a.m.•44 views

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1791)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows ...

7.8CVSS7AI score0.00881EPSS

Exploits3References8

Tenable Nessus•added 2022/04/25 12:0 a.m.•84 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9313)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9313 advisory. - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug: 34012925 CVE-2022-1016 - btrfs: unlock newly allocated extent buffe...

9CVSS7.3AI score0.81082EPSS

Exploits129References15

Tenable Nessus•added 2022/04/11 12:0 a.m.•38 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9274)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9274 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...

7.8CVSS7.6AI score0.13534EPSS

Exploits16References12

Tenable Nessus•added 2022/04/05 12:0 a.m.•48 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9260)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9260 advisory. - drm/i915: Flush TLBs before releasing backing store Tvrtko Ursulin Orabug: 33835812 CVE-2022-0330 - drm/i915: Reduce locking in execlist command...

7.8CVSS6.8AI score0.00164EPSS

Exploits0References6