CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4814 matches found

ATTACKERKB•added 2026/03/26 6:15 a.m.•2 views

CVE-2026-4652

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...

7.5CVSS5.9AI score0.00027EPSS

Exploits0References2

CVE•added 2026/03/26 6:15 a.m.•14 views

CVE-2026-4652

Summary of CVE-2026-4652 (NVMe/TCP) : A remote attacker with network access to an NVMe/TCP target can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID, leading to an unauthenticated Denial of Service. Affected systems expose an NVMe/TCP target; imp...

7.5CVSS5.9AI score0.00027EPSS

Exploits0References1Affected Software1

Packet Storm News•added 2026/03/26 12:0 a.m.•1 views

FreeBSD Security Advisory - FreeBSD-SA-26:07.nvmf

FreeBSD Security Advisory - On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID...

7.5CVSS5.9AI score0.00027EPSS

Exploits0

FreeBSD Advisory•added 2026/03/26 12:0 a.m.•3 views

FreeBSD-SA-26:07.nvmf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:07.nvmf Security Advisory The FreeBSD Project Topic: Remote denial of service via null pointer dereference Category: core Module: nvmf Announced: 2026-03-26...

7.5CVSS5.9AI score0.00027EPSS

Exploits0

Positive Technologies•added 2026/03/26 12:0 a.m.•1 views

PT-2026-28218

5.9AI score0.00027EPSS

Exploits0References2

Tenable Nessus•added 2026/03/26 12:0 a.m.•1 views

FreeBSD : FreeBSD -- Remote denial of service via null pointer dereference (11bf64f0-28d2-11f1-b35e-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 11bf64f0-28d2-11f1-b35e-bc241121aa0a advisory. On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNEC...

7.5CVSS6AI score0.00027EPSS

Exploits0References2

SUSE CVE•added 2026/03/25 4:55 p.m.•1 views

SUSE CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.8AI score0.00019EPSS

Exploits0References3

RedhatCVE•added 2026/03/25 2:21 p.m.•1 views

CVE-2026-23369

A flaw was found in the Linux kernel's i2c i801 driver. Under rare circumstances, multiple udev threads can concurrently access the i801acpiiohandler during system boot. This can lead to a null pointer dereference when the i2clockbus attempts to use an unregistered memory area. A local attacker...

5.5CVSS5.7AI score0.00017EPSS

Exploits0References4

RedhatCVE•added 2026/03/25 1:40 p.m.•3 views

CVE-2026-23282

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability occurs when the SMB client fails to properly initialize variables during certain connection operations, such as reconnecting. An uninitialized variable can then be used, leading to a kernel panic and causin...

5.5CVSS5.8AI score0.00017EPSS

Exploits0References4

RedhatCVE•added 2026/03/25 1:38 p.m.•1 views

CVE-2026-23300

A flaw was found in the Linux kernel's IPv6 networking stack. When a standalone IPv6 nexthop object is created with a loopback device, it is misclassified as a reject route, leading to an unallocated pointer. If an IPv4 route then attempts to reference this nexthop, it causes a NULL pointer...

5.5CVSS5.7AI score0.00031EPSS

Exploits0References4

RedhatCVE•added 2026/03/25 12:48 p.m.•1 views

CVE-2026-23316

A flaw was found in the Linux kernel's handling of multipath hash seeds on ARM64 architectures. This vulnerability can lead to a system crash kernel panic when the kernel is compiled with specific optimizations, such as Clang with Link-Time Optimization LTO, due to an alignment fault during memor...

5.5CVSS5.8AI score0.00017EPSS

Exploits0References4

EUVD•added 2026/03/25 12:30 p.m.•1 views

EUVD-2026-15367

5.8AI score0.00019EPSS

Exploits0References3

EUVD•added 2026/03/25 12:30 p.m.•2 views

EUVD-2026-15353

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.7AI score0.00017EPSS

Exploits0References5

EUVD•added 2026/03/25 12:30 p.m.•0 views

EUVD-2026-15312

In the Linux kernel, the following vulnerability has been resolved: arm64: gcs: Do not set PTESHARED on GCS mappings if FEATLPA2 is enabled When FEATLPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bits 50-51 of the output address. The PAGEGCS,RO definitions include th...

5.7AI score0.00017EPSS

Exploits0References4