Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2026/06/02 10:16 p.m.9 views

CVE-2026-10650

A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lwssshparseplaintext of the file plugins/protocollwssshbase/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msglen can lead to resource consumption. The attack may be...

6.9CVSS0.00429EPSS
Exploits0References8
CVE
CVEadded 2026/06/02 9:15 p.m.120 views

CVE-2026-10650

warmcat libwebsockets (up to 4.5.8) contains a flaw in the SSH Protocol Handler: lws_ssh_parse_plaintext (plugins/protocol_lws_ssh_base/sshd.c) can be triggered by manipulating msg_len, leading to resource consumption. The issue can be exploited remotely; a proof-of-concept exploit has been publi...

6.9CVSS5.7AI score0.00429EPSS
Exploits0References8
CNNVD
CNNVDadded 2026/06/02 12:0 a.m.4 views

Libwebsockets 安全漏洞

Libwebsockets is a standardized network library open-sourced by the lws-team. Versions of Libwebsockets 4.5.8 and earlier contain security vulnerabilities. These vulnerabilities stem from the lwssshParseplaintext function in the SSH Protocol Handler component’s plugins/protocollwssshbase/sshd.c...

6.9CVSS5.3AI score0.00429EPSS
Exploits0References8
CVE
CVEadded 2025/12/24 12:23 p.m.9 views

CVE-2023-54066

CVE-2023-54066 (Linux kernel) affects the media: dvb-usb-v2 driver for the gl861 device. In gl861_i2c_master_xfer, the user-controlled msg can have buf == NULL while len == 0, allowing prior checks on msg[i].buf to pass and potentially reach gl861_i2c_master_xfer with a NULL dereference. The vend...

6.1AI score0.00168EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2024/11/12 9:11 a.m.1 views

kernel: media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()

In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007i2cxfer In az6007i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach az6007i2cxfer. If...

5.5CVSS6.8AI score0.00146EPSS
Exploits0References5
BDU FSTEC
BDU FSTECadded 2020/02/27 12:0 a.m.5 views

The vulnerability of the lsi_do_msgin function in the QEMU hardware emulation software, related to reading beyond the data buffer, allows a hacker to trigger a service failure.

The vulnerability of the lsidomsgin function hw/scsi/lsi53c895a.c in the QEMU hardware emulation software is related to reading beyond the buffer data boundary. Exploiting this vulnerability can allow an attacker to cause a service failure due to an invalid value of the msglen variable...

5.5CVSS6.8AI score0.00561EPSS
Exploits0References8Affected Software5
OSV
OSVadded 2019/03/21 4:0 p.m.2 views

DEBIAN-CVE-2018-18849

In Qemu 3.0.0, lsidomsgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msglen value...

5.5CVSS7AI score0.00561EPSS
Exploits0References1
Rows per page
Query Builder