Lucene search
K

14782 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/20 11:14 p.m.3 views

CVE-2026-25086

Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requiring code injection into the WebCTRL software...

7.7CVSS5.9AI score0.00151EPSS
Exploits0References4
CVE
CVE
added 2026/03/20 11:14 p.m.10 views

CVE-2026-25086

CVE-2026-25086 affects Automated Logic WebCTRL Premium Server. Under certain conditions, an attacker could bind to the same port used by WebCTRL, enabling the crafting and sending of malicious packets and impersonation of the WebCTRL service without requiring code injection into WebCTRL. The prov...

7.7CVSS5.9AI score0.00151EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/20 11:14 p.m.2 views

CVE-2026-25086 Automated Logic WebCTRL Premium Server Multiple Binds to the Same Port

Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requiring code injection into the WebCTRL software...

7.7CVSS5.9AI score0.00151EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/20 11:14 p.m.30 views

CVE-2026-25086 Automated Logic WebCTRL Premium Server Multiple Binds to the Same Port

Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requiring code injection into the WebCTRL software...

7.7CVSS0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.9 views

Socket.IO 代码问题漏洞

Socket.IO is a JavaScript library developed by Socket.IO Inc., aimed at real-time web applications. Versions of Socket.IO prior to 3.3.5, 3.4.4, and 4.2.6 contained code vulnerabilities. These vulnerabilities stemmed from the fact that servers would buffer large amounts of binary attachments when...

8.7CVSS6AI score0.00514EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.6 views

PT-2026-26701

Name of the Vulnerable Software and Affected Versions WebCTRL affected versions not specified Description WebCTRL systems utilizing BACnet communication are susceptible to an issue stemming from the protocol's inherent lack of network layer authentication. The software does not perform additional...

7.5CVSS5.8AI score0.00328EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2026/03/20 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-8105-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26693

Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requiring code injection into the WebCTRL software...

7.7CVSS5.9AI score0.00151EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/19 9:30 p.m.7 views

EUVD-2026-13148

ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing...

5.8AI score0.03002EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/19 6:31 p.m.5 views

EUVD-2026-13142

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS5.8AI score0.00239EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.1 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in protocol parser components. An attacker can cause the application to crash or exhaust resources by sending specially crafted, malformed network packets to a monitored network interface. Note: This i...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.2 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in protocol parser components. An attacker can cause the application to crash or exhaust resources by sending specially crafted, malformed network packets to a monitored network interface. Note: This i...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in protocol parser components. An attacker can cause the application to crash or exhaust resources by sending specially crafted, malformed network packets to a monitored network interface. Note: This i...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/19 6:31 p.m.5 views

Packetbeat does not properly validate an array index in multiple protocol parser components

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS5.8AI score0.00239EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/19 6:31 p.m.8 views

GHSA-27QJ-9GVP-8RH9 Packetbeat does not properly validate an array index in multiple protocol parser components

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS5.8AI score0.00239EPSS
Exploits0References5
NVD
NVD
added 2026/03/19 6:16 p.m.3 views

CVE-2026-26933

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS0.00239EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 5:31 p.m.3 views

USN-8105-2 freerdp3 regression

USN-8105-1 fixed vulnerabilities in FreeRDP. The update introduced a regression which could cause FreeRDP to crash. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FreeRDP incorrectly handled certain RDP packets. A remote attack...

7.5CVSS6AI score0.00346EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/19 5:8 p.m.16 views

CVE-2026-26933 Improper Validation of Array Index in Packetbeat Leading to Denial of Service

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/19 5:8 p.m.2 views

CVE-2026-26933

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS5.8AI score0.00239EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/19 5:8 p.m.19 views

CVE-2026-26933

Packetbeat contains an input validation flaw (CWE-129) in multiple protocol parser components that can trigger out‑of‑bounds reads and cause Denial of Service. An attacker who can send specially crafted, malformed network packets on the same network segment or via traffic routed to monitored inte...

5.7CVSS5.8AI score0.00239EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder