Lucene search
K

25 matches found

Cvelist
Cvelist
added 2026/06/22 5:53 p.m.31 views

CVE-2026-11834 Unauthenticated Command Injection via DHCP Option Handling in Multiple TP-Link Routers

A command injection vulnerability has been identified in the DHCP option processing logic in multiple TP-Link router models, due to insufficient validation of externally supplied DHCP option data. An adjacent attacker may exploit this vulnerability by supplying crafted DHCP responses, potentially...

8.7CVSS0.00409EPSS
Exploits1References8
CVE
CVE
added 2026/06/22 5:53 p.m.16 views

CVE-2026-11834

CVE-2026-11834 describes a command-injection vulnerability in the DHCP option processing logic of multiple TP-Link routers, caused by insufficient validation of externally supplied DHCP option data. An adjacent attacker can exploit this by sending crafted DHCP responses, potentially during device...

8.7CVSS5.9AI score0.00409EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.8 views

CVE-2026-44290

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...

7.5CVSS5.5AI score0.00373EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 4:16 p.m.13 views

CVE-2026-44290

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...

7.5CVSS0.00373EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i +...

8.2CVSS5.8AI score0.00443EPSS
Exploits0References3
OSV
OSV
added 2026/04/22 5:16 p.m.3 views

UBUNTU-CVE-2026-35343

The cut utility in uutils coreutils incorrectly handles the -s only-delimited option when a newline character is specified as the delimiter. The implementation fails to verify the onlydelimited flag in the cutfieldsnewlinechardelim function, causing the utility to print non-delimited lines that...

3.3CVSS5.8AI score0.00135EPSS
Exploits0References3
OSV
OSV
added 2026/03/20 2:45 p.m.3 views

CLSA-2026-1774017921 Fix CVE(s): CVE-2026-25749

SECURITY UPDATE: Heap buffer overflow in helpfile option handling - debian/patches/CVE-2026-25749.patch: use vimstrncpy with MAXPATHL bound instead of unbounded STRCPY in gettagfname - CVE-2026-25749...

6.6CVSS6.8AI score0.00213EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.4 views

CVE-2023-26143

Versions of the package blamer before 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile API. The library does not sanitize for user input or validate the given file path conforms to a specific schema, nor does it properly pass command-line flags to the git binary using the...

9.1CVSS7.2AI score0.00924EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/02/17 9:22 a.m.2 views

Out-of-bounds read vulnerability in Cente middleware

Overview Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NXTech Co., Ltd. treat TCP MSS option values improperly, leading to an out-of-bounds read vulnerability CWE-125, CVE-2025-23406. DMG MORI Digital Co., LTD. reported this...

5.3CVSS6.5AI score0.00373EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/02/01 3:47 a.m.5 views

SUSE CVE-2025-21683

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...

2.5CVSS6.5AI score0.00208EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.5 views

kernel: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)

In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fix UAF in j1939skmatchfilter during setsockoptSOJ1939FILTER Lock jsk-sk to prevent UAF when setsockopt..., SOJ1939FILTER, ... modifies jsk-filters while receiving packets. Following trace was seen on affected system:...

7.8CVSS6.8AI score0.00231EPSS
Exploits0References5
OSV
OSV
added 2024/07/11 4:15 p.m.4 views

CVE-2024-39520

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

8.5CVSS5.9AI score0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.4 views

EDK2 Buffer Error Vulnerability

EDK2 is a cross-platform firmware development environment from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from the Network Package's susceptibility to a buffer overflow vulnerability when handling the DNS server option in...

8.8CVSS7.5AI score0.01186EPSS
Exploits1References7
OSV
OSV
added 2023/03/27 2:47 p.m.4 views

USN-5964-2 curl vulnerabilities

USN-5964-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing,...

9.8CVSS6.8AI score0.01993EPSS
Exploits3References4
Debian CVE
Debian CVE
added 2023/01/17 12:0 a.m.36 views

CVE-2022-41860

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...

7.5CVSS7.5AI score0.01171EPSS
Exploits0
Veracode
Veracode
added 2020/04/10 12:15 a.m.30 views

Arbitrary Memory Read

The Linux kernel is vulnerable to arbitrary memory read. A flaw in the IPv6 socket option handling allows a local user to read arbitrary kernel memory...

7.2CVSS2.9AI score0.011EPSS
Exploits7References28Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.29 views

EulerOS 2.0 SP2 : NetworkManager (EulerOS-SA-2019-1119)

According to the version of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling CVE-2018-15688 Note that Tenable Network Security has extracte...

8.8CVSS7.8AI score0.0168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/15 12:0 a.m.151 views

RHEL 7 : systemd (RHSA-2019:0049)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0049 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides...

8.8CVSS7.4AI score0.02958EPSS
Exploits3References8
Exploit DB
Exploit DB
added 2017/12/12 12:0 a.m.48 views

Apple macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1373 SOFLOWDIVERTTOKEN is a socket option on the SOLSOCKET layer. It's implemented by flowdiverttokensetstruct socket so, struct sockopt sopt in flowdivert.c. The relevant code is: error = sooptgetmsopt, &token; if error goto don...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/05/23 12:0 a.m.10 views

Apple macOSiOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling

Apple macOSiOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1140 netagentctlsetopt is the setsockopt handler for netagent control sockets. Options of type NETAGENTOPTIONTYPEREGISTER...

7.3AI score
Exploits0
Rows per page
Query Builder