Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2026/04/09 9:45 p.m.1 views

CVE-2026-5778 Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path.

Integer underflow in wolfSSL packet sniffer = 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by sslDecodePacket. The underflow wraps a 16-bit length to a large valu...

2.1CVSS5.8AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.2 views

CVE-2026-33283

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing malformed UL NAS Transport NAS messages without a Request Type. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected...

7.5CVSS5.8AI score0.00365EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 5:47 p.m.2 views

GHSA-3366-GW57-FCM5 Ella Core panics on malformed ULNASTransport Message without a Request Type

Summary Ella Core panics when processing malformed UL NAS Transport NAS messages without a Request Type. Impact An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Fix Add a guar...

6.5CVSS5.8AI score0.00365EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/19 5:47 p.m.4 views

Ella Core panics on malformed ULNASTransport Message without a Request Type

Summary Ella Core panics when processing malformed UL NAS Transport NAS messages without a Request Type. Impact An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Fix Add a guar...

7.5CVSS5.8AI score0.00365EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/14 12:24 a.m.8 views

SUSE CVE-2026-31812

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...

5.3CVSS5.8AI score0.005EPSS
Exploits0References8
OSV
OSV
added 2026/03/10 9:4 p.m.4 views

CVE-2026-31812 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...

8.7CVSS5.8AI score0.005EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.4 views

PT-2026-24465

Name of the Vulnerable Software and Affected Versions Quinn versions prior to 0.11.14 Description A remote, unauthenticated attacker can cause a denial of service in applications using vulnerable Quinn versions by sending a specially crafted QUIC Initial packet containing malformed quic transport...

8.7CVSS5.8AI score0.005EPSS
Exploits0References41
Vulnrichment
Vulnrichment
added 2025/10/03 12:0 a.m.6 views

CVE-2025-55972

A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementation is affected by a remote, unauthenticated Denial of Service DoS condition. By sending a flood of malformed or oversized SetAVTransportURI SOAP requests to the UPnP control endpoint, an attacker can cause the device to becom...

6.6AI score0.00505EPSS
Exploits1References2
Rows per page
Query Builder