Lucene search
K

7 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.10 views

CVE-2026-45257

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...

7.8CVSS0.00154EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 2:50 p.m.6 views

EUVD-2026-39780

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:50 p.m.126 views

CVE-2026-45257

CVE-2026-45257 : FreeBSD KTLS receive path decrypts in place, enabling an unprivileged local user to overwrite a file’s page cache via sendfile(2) data over a loopback connection when KTLS receive is enabled. This can corrupt the backing file and allow privilege escalation by overwriting setuid/t...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

FreeBSD : FreeBSD -- Arbitrary file overwrite via the KTLS receive path (f2c4892a-6472-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f2c4892a-6472-11f1-958d-bc241121aa0a advisory. The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data wer...

7.8CVSS5.5AI score0.00154EPSS
Exploits0References2
OSV
OSV
added 2026/05/25 2:0 p.m.11 views

EEF-CVE-2026-47076 SSRF allowlist bypass via percent-encoded host in hackney

Summary Interpretation Conflict vulnerability in benoitc hackney allows Server Side Request Forgery. hackneyurl:normalize/2 URL-decodes the host component after the URL has been parsed into a hackneyurl record. OTP's uristring:parse/1 and inet:parseaddress/1 do not decode percent-escapes in the...

6.9CVSS5.8AI score0.00201EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-5381

Malware in sbrugna...

4.9CVSS6.4AI score0.00369EPSS
Exploits0References8
NVD
NVD
added 2006/10/18 7:7 p.m.22 views

CVE-2006-5396

The tcpfusercvdrain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service system crash via a TCP loopback connection with both endpoints on the same system...

4.9CVSS6.1AI score0.00369EPSS
Exploits0References7
Rows per page
Query Builder