Lucene search
K

484 matches found

CNNVD
CNNVD
added 2025/07/06 12:0 a.m.5 views

Belkin F9K1122 安全漏洞

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect manipulation of the parameter L2TPUserName in the file /goform/formL2TPSetup, for which no detailed vulnerability details are provided at this tim...

9CVSS7.2AI score0.08437EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2025/07/04 11:22 p.m.4 views

SUSE CVE-2025-38184

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPCNLUDPGETREMOTEIP with media name set to tun tipc: Started in network mode tipc: Nod...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References29
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.12 views

Optimistic MEV in Ethereum Layer 2s: Why Blockspace Is Always in Demand

Layer 2 rollups are rapidly absorbing DeFi activity, securing over $40 billion and accounting for nearly half of Ethereum's DEX volume by Q1 2025, yet their MEV dynamics remain understudied. We address this gap by defining and quantifying optimistic MEV, a form of speculative, on-chain cyclic...

7.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/06/19 2:24 p.m.5 views

CVE-2025-48886 hydra-node dangerously assumes L1 event finality and does not consider failed transactions

Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those...

4.8CVSS7AI score0.00252EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/19 2:24 p.m.9 views

CVE-2025-48886 hydra-node dangerously assumes L1 event finality and does not consider failed transactions

Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those...

4.8CVSS0.00252EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/06/05 12:0 a.m.11 views

A Private Smart Wallet with Probabilistic Compliance

We propose a privacy-preserving smart wallet with a novel invitation-based private onboarding mechanism. The solution integrates two levels of compliance in concert with an authority party: a proof of innocence mechanism and an ancestral commitment tracking system using bloom filters for...

7AI score
Exploits0
CVE
CVE
added 2025/05/27 10:11 p.m.50 views

CVE-2024-11185

CVE-2024-11185 affects Arista EOS: ingress traffic on Layer-2 ports can be improperly forwarded to VLANs other than the intended one, breaching VLAN isolation. Affected EOS releases include 4.29.x (4.29.10M and below), 4.30.x (4.30.9M and below), 4.31.x (4.31.6M and below), 4.32.x (4.32.3M and be...

6.5CVSS6.5AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/27 12:0 a.m.4 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from the possibility of incorrectly forwarding Layer 2 port ingress traffic under certain conditions, resulting in a breach of...

6.5CVSS6.6AI score0.00225EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/05/26 12:0 a.m.6 views

A Framework for Combined Transaction Posting and Pricing for Layer 2 Blockchains

This paper presents a comprehensive framework for transaction posting and pricing in Layer 2 L2 blockchain systems, focusing on challenges stemming from fluctuating Layer 1 L1 gas fees and the congestion issues within L2 networks. Existing methods have focused on the problem of optimal posting...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:1 a.m.8 views

CVE-2023-42806

Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, not signing and verifying $\mathsfcid$ allows an attacker which must be a participant of this head to use a snapshot from an old head instance with the same participants to close the head or contest the state with i...

6.5CVSS6.8AI score0.00413EPSS
Exploits0References1
Amazon
Amazon
added 2025/04/29 12:0 a.m.6 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol L2TP. A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. CVE-2022-4129 In...

7.8CVSS6.4AI score0.00391EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/21 12:0 a.m.8 views

A Security Framework for General Blockchain Layer 2 Protocols

Layer 2 L2 solutions are the cornerstone of blockchain scalability, enabling high-throughput and low-cost interactions by shifting execution off-chain while maintaining security through interactions with the underlying ledger. Despite their common goals, the principal L2 paradigms -- payment...

7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/04/05 2:25 a.m.0 views

SUSE CVE-2025-21969

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...

5.5CVSS6.3AI score0.0018EPSS
Exploits0References20
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.8 views

The vulnerability of the Layer 2 Address Learning Daemon (L2ALD) in Juniper Networks’ Junos OS Evolved operating systems allows a hacker to induce a service failure.

The vulnerability of the Layer 2 Address Learning Daemon L2ALD in Juniper Networks’ Junos OS Evolved operating systems is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

6.5CVSS5.5AI score0.00248EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/03/27 5:15 p.m.7 views

DEBIAN-CVE-2023-53020

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

4.7CVSS5.4AI score0.0013EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 5:15 p.m.1 views

UBUNTU-CVE-2023-53020

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

4.7CVSS6.1AI score0.0013EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in l2tp tunnel registration...

4.7CVSS6.2AI score0.0013EPSS
Exploits0References6
OSV
OSV
added 2025/03/12 4:15 p.m.4 views

CVE-2025-20142

A vulnerability in the IPv4 access control list ACL feature and quality of service QoS policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...

8.6CVSS5.7AI score0.00507EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/03/08 8:0 a.m.4 views

Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()

...

7.8CVSS7.2AI score0.00236EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/02/27 3:5 a.m.3 views

SUSE CVE-2022-49539

In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER system error recover L2 reset process and ieee80211restarthw which is called by L2 reset process eventuall...

3.3CVSS6.3AI score0.00209EPSS
Exploits0References3
Rows per page
Query Builder