Lucene search
+L

33 matches found

OSV
OSV
added 2026/04/10 11:20 a.m.4 views

OPENSUSE-SU-2026:20505-1 Security update for corosync

This update for corosync fixes the following issues: - CVE-2026-35091: Denial of Service and information disclosure via crafted UDP packet bsc1261299. - CVE-2026-35092: Denial of Service via integer overflow in join message validation bsc1261300...

8.2CVSS5.8AI score0.00994EPSS
Exploits2References4
CVE
CVE
added 2026/04/09 9:43 p.m.49 views

CVE-2026-5264

CVE-2026-5264 describes a heap buffer overflow in DTLS 1.3 ACK message processing. The vulnerability can be triggered by a remote attacker that sends a crafted DTLS 1.3 ACK message, potentially enabling high-impact outcomes as reflected by the associated CVSS metrics (NVD: AV:N/AC:L/PR:N/UI:N/S:U...

9.8CVSS6.4AI score0.00446EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-35092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send...

7.5CVSS5.9AI score0.00994EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/01 1:18 p.m.5 views

CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.9AI score0.00994EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/09 3:30 p.m.5 views

EUVD-2026-10335

The rtsockmsgbuffer function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddrstorage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not necessarily the case, and it's...

7.5CVSS6AI score0.00468EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.8 views

PT-2025-53611

Name of the Vulnerable Software and Affected Versions ESF-IDF versions 5.5.1 through 5.1.6 Description ESF-IDF, the Espressif Internet of Things IOT Development Framework, contains a flaw in the avrc vendor msg function within the BlueDroid AVRCP stack. The function validates the allocated buffer...

6.1CVSS7.2AI score0.003EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-1856

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.01716EPSS
Exploits0References19
OSV
OSV
added 2024/05/09 3:12 p.m.36 views

GHSA-X9VC-6HFV-HG8C Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow

Summary The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This causes Npgsql to write a message size that is...

8.1CVSS8.2AI score0.01716EPSS
Exploits0References19
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.3 views

In libssh2 v1.9.0 and earlier versions the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

...

8.1CVSS7.2AI score0.03793EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2016/09/07 12:0 a.m.9 views

The vulnerability of the SIP server Kamailio, which allows attackers to trigger a service failure or execute arbitrary codes.

The vulnerability of the encodemsg function in the encodemsg.c file of the SEAS SIP server module Kamailio arises due to an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a remote attacker to cause a service failure or execute arbitrary code memory corruption, emergen...

10CVSS8.3AI score0.30518EPSS
Exploits4References14Affected Software2
Gentoo Linux
Gentoo Linux
added 2005/03/20 12:0 a.m.31 views

Sylpheed, Sylpheed-claws: Message reply overflow

Background Sylpheed is a lightweight email client and newsreader. Sylpheed-claws is a 'bleeding edge' version of Sylpheed. Description Sylpheed and Sylpheed-claws fail to properly handle non-ASCII characters in email headers when composing reply messages. Impact An attacker can send an email...

5.1CVSS7AI score0.03246EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/04 12:0 a.m.8 views

Vypress < 4.0 First Message Field Overflow

Binary data 2347.prm...

7.5CVSS7.3AI score0.04598EPSS
Exploits1References1
securityvulns
securityvulns
added 2002/02/24 12:0 a.m.24 views

Remote crashes in Yahoo messenger

All versions of Yahoo messenger version 5. Listens on port 5101 on client machine. obviously to offload server traffic for IMs problems: for all of the problems listed below, the traffic is sent to the yahoo messenger opened port, 5101 1. One can crash yahoo messenger by overflowing the message...

2AI score
Exploits0
Rows per page
Query Builder