Lucene search
+L

34 matches found

vulnrichment
vulnrichment
added 2026/06/27 10:59 p.m.8 views

CVE-2026-10643 Out-of-bounds heap write in Zephyr `recvmsg()` ancillary-data path (`insert_pktinfo` undersizes the control-buffer capacity check)

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS6.2AI score0.00122EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-0192

Malware in sbrugna...

5.8CVSS6AI score0.02476EPSS
Exploits0References4
redhat
redhat
added 2024/11/12 9:11 a.m.3 views

kernel: af_netlink: Fix shift out of bounds in group mask calculation

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

5.5CVSS6.7AI score0.00259EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2024/05/16 12:0 a.m.7 views

The vulnerability of the `ipv4_pktinfo_prepare()` function in the `net/ipv4/ip_sockglue.c` module of the Linux operating system’s IPv4 protocol implementation allows a attacker to cause a service failure.

The vulnerability of the Linux operating system’s IPv4 protocol implementation relates to the handling of the zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00227EPSS
Exploits0References15Affected Software2
checkpoint_advisories
checkpoint_advisories
added 2017/10/03 12:0 a.m.22 views

Dnsmasq Integer Underflow Denial Of Service (CVE-2017-14496)

A denial of service vulnerability exists over Dnsmasq. This is due to the way Dnsmasq handles packet information. A successful attack could lead to a denial of service...

7.8CVSS3.4AI score0.66347EPSS
Exploits5
redhat
redhat
added 2017/05/09 4:41 p.m.12 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
redhat
redhat
added 2017/04/12 10:51 a.m.7 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
redhat
redhat
added 2017/02/28 3:3 p.m.5 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
redhat
redhat
added 2017/02/22 4:56 p.m.4 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
nvd
nvd
added 2014/01/23 5:55 p.m.29 views

CVE-2013-7312

The OSPF implementation on Enterasys switches and routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or...

5.4CVSS6.2AI score0.0109EPSS
Exploits0References4
nvd
nvd
added 2014/01/23 5:55 p.m.36 views

CVE-2013-7313

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial o...

5.4CVSS6.3AI score0.01076EPSS
Exploits0References2
nvd
nvd
added 2014/01/23 5:55 p.m.24 views

CVE-2013-7310

The OSPF implementation on Yamaha routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or obtain sensitive...

5.4CVSS6.2AI score0.00782EPSS
Exploits0References3
nvd
nvd
added 2014/01/23 5:55 p.m.24 views

CVE-2013-7309

The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or obtain...

5.4CVSS6.2AI score0.01229EPSS
Exploits0References2
prion
prion
added 2014/01/23 5:55 p.m.24 views

Design/Logic Flaw

The OSPF implementation on Yamaha routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or obtain sensitive...

5.4CVSS6.6AI score0.02476EPSS
Exploits0References3
prion
prion
added 2014/01/23 5:55 p.m.29 views

Design/Logic Flaw

The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or obtain sensitiv...

5.4CVSS6.6AI score0.02476EPSS
Exploits0References2
prion
prion
added 2014/01/23 5:55 p.m.29 views

Design/Logic Flaw

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial o...

5.4CVSS6.6AI score0.02476EPSS
Exploits0References2Affected Software2
cvelist
cvelist
added 2014/01/23 5:0 p.m.41 views

CVE-2013-7313

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial o...

6.2AI score0.01076EPSS
Exploits0References2
cvelist
cvelist
added 2014/01/23 5:0 p.m.34 views

CVE-2013-7310

The OSPF implementation on Yamaha routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or obtain sensitive...

6.2AI score0.00782EPSS
Exploits0References3
cvelist
cvelist
added 2014/01/23 5:0 p.m.43 views

CVE-2013-7314

The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing...

6.2AI score0.01593EPSS
Exploits1References4
cve
cve
added 2014/01/23 5:0 p.m.123 views

CVE-2013-7311

CVE-2013-0149 is referenced across multiple vendors in connected sources as an OSPF LSA handling vulnerability where the implementation fails to validate duplicate Link State ID values in LSA packets. This leads to remote DoS (routing disruption) and potential information disclosure through craft...

5.4CVSS6.3AI score0.00612EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder