
102 matches found

EUVD
added yesterday, 3 views

EUVD-2026-36312

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling...

8.8 CVSS, 5.8 AI score
Exploits: 0, References: 2
Positive Technologies
added yesterday, 3 views

PT-2026-48736

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling...

8.8 CVSS, 5.8 AI score
Exploits: 0, References: 3
RedHat Linux
added 2 days ago, 4 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xt_tcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2 CVSS, 5.3 AI score, 0.00118 EPSS
Exploits: 0, References: 5
Rockylinux
added 2026/05/29 4:3 p.m., 9 views

crun security update

An update is available for crun. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1
OSV
added 2026/05/29 4:3 p.m., 6 views

RLSA-2026:19020 Moderate: crun security update

crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1, References: 2
RedhatCVE
added 2026/05/26 2:12 a.m., 8 views

CVE-2026-34960

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK...

7.1 CVSS, 5.8 AI score, 0.00013 EPSS
Exploits: 0, References: 1
AstraLinux
added 2026/05/20 5:53 a.m., 5 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fixed an out-of-bounds situation during the parsing of TCP options. The TCP option parser in mptcp (mptcp_get_options) could read one byte out of bounds. When the length of the option is 1, the execution flow enters a loop,...

6.2 CVSS, 5.9 AI score, 0.00072 EPSS
Exploits: 0, References: 2
Rockylinux
added 2026/05/20 12:3 a.m., 9 views

crun security update

An update is available for crun. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1
RedHat Linux
added 2026/05/19 6:12 p.m., 7 views

Moderate: Red Hat Security Advisory: crun security update

An update for crun is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1, References: 2
RedHat Linux
added 2026/05/19 1:25 p.m., 6 views

Moderate: Red Hat Security Advisory: crun security update

An update for crun is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1, References: 3
Tenable Nessus
added 2026/05/19 12:0 a.m., 5 views

RHEL 9 : crun (RHSA-2026:19178)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19178 advisory. crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 For more details...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1, References: 5
OSV
added 2026/05/19 12:0 a.m., 5 views

ALSA-2026:19178 Moderate: crun security update

crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1, References: 4
OSV
added 2026/05/19 12:0 a.m., 5 views

ALSA-2026:19020 Moderate: crun security update

crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.8 CVSS, 5.8 AI score, 0.00017 EPSS
Exploits: 1, References: 4
EUVD
added 2026/05/12 12:31 a.m., 6 views

EUVD-2026-29290

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK...

7.1 CVSS, 5.8 AI score, 0.00013 EPSS
Exploits: 0, References: 4
NVD
added 2026/05/11 10:22 p.m., 7 views

CVE-2026-34960

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK...

7.1 CVSS, 0.00013 EPSS
Exploits: 0, References: 3
Cvelist
added 2026/05/11 8:49 p.m., 28 views

CVE-2026-34960 barebox Out-of-Bounds Read in DHCP Option Parsing

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK...

7.1 CVSS, 0.00013 EPSS
Exploits: 0, References: 3
CVE
added 2026/05/11 8:49 p.m., 12 views

CVE-2026-34960

barebox before 2026.04.0 contains an out-of-bounds read in DHCP option parsing (dhcp_message_type) due to not ensuring the options pointer stays within packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer/ACK lacking a proper 0xff end marker to cause the parser to...

7.1 CVSS, 5.8 AI score, 0.00013 EPSS
Exploits: 0, References: 3, Affected Software: 1
Vulnrichment
added 2026/05/11 8:49 p.m., 6 views

CVE-2026-34960 barebox Out-of-Bounds Read in DHCP Option Parsing

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK...

7.1 CVSS, 5.8 AI score, 0.00013 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2026/05/11 12:0 a.m., 6 views

PT-2026-39849

Name of the Vulnerable Software and Affected Versions: barebox versions prior to 2026.04.0. Description: An out-of-bounds read occurs during DHCP option parsing within the dhcp_message_type function because the software fails to verify that the options pointer remains within the received packet...

7.1 CVSS, 5.8 AI score, 0.00013 EPSS
Exploits: 0, References: 5
OSV
added 2026/05/08 11:17 a.m., 4 views

CLSA-2026-1778238289 frr: Fix of 4 CVEs

CVE-2022-43681: fix bgpd crash on malformed BGP OPEN messages with insufficient data - CVE-2022-40318: fix out-of-bounds read in bgp_open_option_parse with extended option params - CVE-2023-31489: fix out-of-bounds read in BGP Long-lived Graceful-Restart capability parsing - CVE-2023-46752: fix bgpd...

6.5 CVSS, 5.8 AI score, 0.00278 EPSS
Exploits: 1, References: 1