Lucene search
K

4 matches found

CVE
CVE
added 2026/04/24 7:19 p.m.49 views

CVE-2026-41429

CVE-2026-41429 affects the arduino-esp32 core (ESP32/ESP32-S2/ESP32-S3/ESP32-C3/ESP32-C6/ESP32-H2). The issue is a memory corruption in NBNS packet handling when NetBIOS is enabled via NBNS.begin(...); the code path listens on UDP port 137 and processes untrusted NBNS requests. The request parser...

8.8CVSS5.6AI score0.00307EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/24 7:19 p.m.7 views

CVE-2026-41429

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...

8.8CVSS5.6AI score0.00307EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/03/06 6:15 a.m.2 views

CVE-2022-26495

In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBDOPTINFO,...

9.8CVSS7.5AI score0.02738EPSS
Exploits1References12
Prion
Prion
added 2022/03/06 6:15 a.m.16 views

Integer overflow

In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBDOPTINFO,...

7.5CVSS9.3AI score0.02738EPSS
Exploits1References8Affected Software3
Rows per page
Query Builder