Lucene search
K

31 matches found

EUVD
EUVD
added 2026/03/26 9:30 a.m.5 views

EUVD-2026-16128

When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

7.5CVSS5.7AI score0.01121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/26 6:9 a.m.32 views

CVE-2026-4247 TCP: remotely exploitable DoS vector (mbuf leak)

When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

0.01121EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 6:9 a.m.3 views

CVE-2026-4247

When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

7.5CVSS5.7AI score0.01121EPSS
Exploits0References2
CVE
CVE
added 2026/03/26 6:9 a.m.18 views

CVE-2026-4247

CVE-2026-4247 affects FreeBSD TCP implementations (bases: 14.x, 15.x/releng) where, when a challenge ACK should be sent, tcp_respond() consumes the mbuf and can leak the mbuf if no ACK is sent. An attacker on-path or able to establish a TCP connection can craft packets that trigger a challenge AC...

7.5CVSS5.7AI score0.01121EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.6 views

PT-2026-28217

When a challenge ACK is to be sent tcp respond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

5.7AI score0.01121EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.10 views

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the tcprespond function returning and leaking the mbuf when an ACK should not be sent. This vulnerability could allow attackers to exploit the system by...

7.5CVSS5.8AI score0.01121EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/03/26 12:0 a.m.1 views

FreeBSD Security Advisory - FreeBSD-SA-26:06.tcp

FreeBSD Security Advisory - When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf...

7.5CVSS5.8AI score0.01121EPSS
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2026/03/26 12:0 a.m.15 views

FreeBSD-SA-26:06.tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:06.tcp Security Advisory The FreeBSD Project Topic: TCP: remotely exploitable DoS vector mbuf leak Category: core Module: tcp Announced: 2026-03-26 Credits:...

7.5CVSS5.9AI score0.01121EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.3 views

FreeBSD : FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak) (7aa913e9-28d1-11f1-b35e-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7aa913e9-28d1-11f1-b35e-bc241121aa0a advisory. When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the...

7.5CVSS5.9AI score0.01121EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2026/03/25 12:0 a.m.7 views

FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak)

Problem Description: When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. Impact: If an attacker is either on path with an established TCP...

7.5CVSS5.7AI score0.01121EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-12518

Malware in sbrugna...

7.5CVSS7.5AI score0.01591EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0847

Malware in sbrugna...

7.8CVSS7.6AI score0.02337EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/06/14 12:0 a.m.36 views

Juniper Junos OS Vulnerability (JSA70192)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70192 advisory. An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker t...

7.5CVSS7AI score0.00563EPSS
Exploits0References2
NVD
NVD
added 2023/01/13 12:15 a.m.28 views

CVE-2023-22396

An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...

7.5CVSS7.5AI score0.00563EPSS
Exploits0References1
Prion
Prion
added 2023/01/13 12:15 a.m.27 views

Design/Logic Flaw

An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...

5CVSS7.5AI score0.00563EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/13 12:15 a.m.18 views

Design/Logic Flaw

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. In an MPLS scenario specific packets destined to an Integrated Routing and Bridging irb interface of the...

3.3CVSS6.5AI score0.00296EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/12 12:0 a.m.8 views

CVE-2023-22396 Junos OS: Receipt of crafted TCP packets destined to the device results in MBUF leak leading to a Denial of Service (DoS)

An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...

7.5CVSS7.5AI score0.00563EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/11 12:0 a.m.8 views

PT-2023-1060 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.3R3-S7 Junos OS 19.4 versions prior to 19.4R3-S9 Junos OS 20.1 version 20.1R1 and later versions Junos OS 20.2 versions prior to 20.2R3-S5 Junos OS 20.3 versions prior to 20.3R3-S5 Junos OS 20.4 versions prior to...

6.5CVSS6.5AI score0.00296EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/11 12:0 a.m.9 views

PT-2023-3067 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 12.3R12-S19 through 22.3R2 Juniper Networks Junos OS versions 15.1R7-S10 through 22.3R2 Juniper Networks Junos OS versions 17.3R3-S12 through 22.3R2 Juniper Networks Junos OS versions 18.4R3-S9 through 22.3R...

7.8CVSS7.5AI score0.00563EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/07/24 12:0 a.m.39 views

Juniper Junos Kernel Crash (vmcore) or FPC Crash (JSA11040)

According to its self-reported version, the Junos OS installed on the remote host is affected by a denial of service DoS vulnerability. On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine RE may cause mbuf leak which can lead to Flexible PIC Concentrator FPC...

7.5CVSS7.4AI score0.01591EPSS
Exploits0References2
Rows per page
Query Builder