8 matches found
CVE-2026-5778 Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path.
Integer underflow in wolfSSL packet sniffer = 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by sslDecodePacket. The underflow wraps a 16-bit length to a large valu...
CVE-2026-33283
Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing malformed UL NAS Transport NAS messages without a Request Type. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected...
GHSA-3366-GW57-FCM5 Ella Core panics on malformed ULNASTransport Message without a Request Type
Summary Ella Core panics when processing malformed UL NAS Transport NAS messages without a Request Type. Impact An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Fix Add a guar...
Ella Core panics on malformed ULNASTransport Message without a Request Type
Summary Ella Core panics when processing malformed UL NAS Transport NAS messages without a Request Type. Impact An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Fix Add a guar...
SUSE CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
PT-2026-24465
Name of the Vulnerable Software and Affected Versions Quinn versions prior to 0.11.14 Description A remote, unauthenticated attacker can cause a denial of service in applications using vulnerable Quinn versions by sending a specially crafted QUIC Initial packet containing malformed quic transport...
CVE-2025-55972
A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementation is affected by a remote, unauthenticated Denial of Service DoS condition. By sending a flood of malformed or oversized SetAVTransportURI SOAP requests to the UPnP control endpoint, an attacker can cause the device to becom...