Lucene search
K

5 matches found

OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-52986 netfilter: nf_conntrack_sip: don't use simple_strtoul

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: don't use simplestrtoul Replace unsafe port parsing in epaddrlen, ctsipparseheaderuri, and ctsipparserequest with a new sipparseport helper that validates each digit against the buffer limit, eliminatin...

9.8CVSS6AI score0.00559EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 4:29 p.m.30 views

CVE-2026-52986

The CVE-2026-52986 issue affects the Linux kernel netfilter nf_conntrack_sip module, where unsafe port parsing on non-NUL-terminated data allowed malformed SIP packets to affect conntrack processing. The fix introduces a dedicated sip_parse_port() that validates each digit against the buffer limi...

9.8CVSS6AI score0.00559EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.32 views

CVE-2026-52986 netfilter: nf_conntrack_sip: don't use simple_strtoul

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: don't use simplestrtoul Replace unsafe port parsing in epaddrlen, ctsipparseheaderuri, and ctsipparserequest with a new sipparseport helper that validates each digit against the buffer limit, eliminatin...

9.8CVSS0.00559EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2021/08/03 12:0 a.m.7 views

PT-2021-21147 · Libfetch +2 · Libfetch +2

Name of the Vulnerable Software and Affected Versions: libfetch versions prior to 2021-07-26 Description: The issue concerns the mishandling of numeric strings for the FTP and HTTP protocols. Specifically, the FTP passive mode implementation allows an out-of-bounds read due to the use of strtol t...

9.8CVSS7.4AI score0.87816EPSS
Exploits2References15
RedHat Linux
RedHat Linux
added 2011/03/09 9:7 p.m.4 views

JDK Double.parseDouble Denial-Of-Service

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

5CVSS6.1AI score0.2349EPSS
Exploits1References4
Rows per page
Query Builder