CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

198 matches found

NVD•added 2026/06/12 3:16 p.m.•10 views

CVE-2026-45536

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

4CVSS0.00136EPSS

Exploits0References3

SUSE CVE•added 2026/06/04 2:30 a.m.•10 views

SUSE CVE-2026-10650

A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lwssshparseplaintext of the file plugins/protocollwssshbase/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msglen can lead to resource consumption. The attack may be...

6.9CVSS5.7AI score0.00429EPSS

Exploits0References3

EUVD•added 2026/06/03 12:30 a.m.•10 views

EUVD-2026-34034

6.9CVSS5.4AI score0.00429EPSS

Exploits0References9

Snyk•added 2026/06/02 11:20 p.m.•4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the lwssshparseplaintext function. An attacker can exhaust system resources by sending specially crafted messages with manipulated msglen arguments remotely. Remediation There is ...

6.9CVSS5.9AI score0.00429EPSS

Exploits0References2

Debian CVE•added 2026/06/02 9:15 p.m.•7 views

CVE-2026-10650

6.9CVSS5.4AI score0.00429EPSS

Exploits0

Cvelist•added 2026/06/02 9:15 p.m.•30 views

CVE-2026-10650 warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption

6.9CVSS0.00429EPSS

Exploits0References8

ATTACKERKB•added 2026/06/02 9:15 p.m.•6 views

CVE-2026-10650

6.9CVSS5.7AI score0.00429EPSS

Exploits0References7Affected Software1

Positive Technologies•added 2026/06/02 12:0 a.m.•11 views

PT-2026-45865

Name of the Vulnerable Software and Affected Versions warmcat libwebsockets versions prior to 4.5.9 Description A flaw in the SSH Protocol Handler component allows for remote resource consumption. The issue exists within the lws ssh parse plaintext function located in the plugins/protocol lws ssh...

6.9CVSS6.1AI score0.00429EPSS

Exploits0References21

RedHat Linux•added 2026/05/26 6:51 a.m.•8 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01027EPSS

Exploits0References4

RedHat Linux•added 2026/05/26 6:40 a.m.•9 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

7.5CVSS6.1AI score0.01027EPSS

Exploits0References4

UbuntuCve•added 2026/05/21 1:16 p.m.•10 views

CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

8.8CVSS5.9AI score0.00272EPSS

Exploits0References7

CVE•added 2026/05/21 12:12 p.m.•12 views

CVE-2026-43495

CVE-2026-43495 concerns the Linux kernel net/wwan/t7xx subsystem. The issue arises in t7xx_port_enum_msg_handler, which uses a modem-provided port_count to loop over port_msg->data[] without ensuring the message buffer is long enough, enabling a potential slab-out-of-bounds read when port_coun...

8.8CVSS5.9AI score0.00272EPSS

Exploits0References7

Cvelist•added 2026/05/21 12:12 p.m.•38 views

CVE-2026-43495 net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler

8.8CVSS0.00272EPSS

Exploits0References6

ATTACKERKB•added 2026/05/21 12:12 p.m.•12 views

CVE-2026-43495

8.8CVSS5.8AI score0.00272EPSS

Exploits0References7Affected Software1

Positive Technologies•added 2026/05/21 12:0 a.m.•9 views

PT-2026-42452

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the t7xx port enum msg handler function where the modem-supplied port count field is used as a loop bound over port msg-data without verifying if the message buffer...

8.8CVSS5.9AI score0.00272EPSS

Exploits0References34

EUVD•added 2026/05/06 12:30 p.m.•5 views

EUVD-2026-27688

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

6.1AI score0.00542EPSS

Exploits0References5

CVE•added 2026/05/06 11:27 a.m.•18 views

CVE-2026-43125

CVE-2026-43125 affects the Linux kernel dlm module. The vulnerability stems from unvalidated length in dlm_dump_rsb_name() coming from network messages, allowing an out-of-bounds write in dlm_search_rsb_tree() when the length exceeds DLM_RESNAME_MAXLEN. This could enable denial of service and, in...

9.8CVSS6.1AI score0.00542EPSS

Exploits0References4Affected Software1