Lucene search
K

14782 matches found

Vulnrichment
Vulnrichment
added 2026/03/19 5:8 p.m.5 views

CVE-2026-26933 Improper Validation of Array Index in Packetbeat Leading to Denial of Service

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS5.8AI score0.00239EPSS
Exploits0References1
Elastic
Elastic
added 2026/03/19 4:56 p.m.7 views

Packetbeat 8.19.11, 9.2.5 Security Update (ESA-2026-11)

Improper Validation of Array Index in Packetbeat Leading to Denial of Service Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted,...

5.7CVSS5.7AI score0.00239EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/19 12:0 a.m.112 views

CVE-2026-25667

ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing...

0.03002EPSS
Exploits1References3
CVE
CVE
added 2026/03/19 12:0 a.m.16 views

CVE-2026-25667

The OSV entries and CVE describe a vulnerability in ASP.NET Core Kestrel (Microsoft .NET 8.0 < 8.0.22 and .NET 9.0

7.5CVSS5.8AI score0.03002EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.6 views

PT-2026-26323

Name of the Vulnerable Software and Affected Versions Packetbeat affected versions not specified Description An improper validation of array index can lead to a denial of service through input data manipulation. An attacker positioned on the same network segment as the Packetbeat deployment, or...

5.7CVSS5.9AI score0.00239EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/03/19 12:0 a.m.4 views

CVE-2026-25667

ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing...

5.8AI score0.03002EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.5 views

Ubuntu 24.04 LTS / 25.10 : FreeRDP vulnerabilities (USN-8105-1)

The remote Ubuntu 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8105-1 advisory. It was discovered that FreeRDP incorrectly handled certain RDP packets. A remote attacker could use this issue to cause FreeRDP to crash, resulti...

9.8CVSS6.1AI score0.00756EPSS
Exploits30References33
Ubuntu
Ubuntu
added 2026/03/18 12:3 p.m.9 views

USN-8105-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain RDP packets. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS6AI score0.00756EPSS
Exploits30
Talos
Talos
added 2026/03/18 12:0 a.m.13 views

Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2281 Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability March 18, 2026 CVE Number CVE-2025-66176 SUMMARY A stack-based buffer overflow vulnerability exists in the SADP XML parsin...

8.8CVSS7.9AI score0.00485EPSS
Exploits0
OSV
OSV
added 2026/03/16 2:19 p.m.5 views

CVE-2026-2922

GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS6.3AI score
Exploits0References2
NVD
NVD
added 2026/03/16 2:19 p.m.5 views

CVE-2026-2922

GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS0.00431EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/03/16 11:11 a.m.4 views

CVE-2026-2476 MS Teams plugin sensitive config values not properly masked in support packets

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS5.8AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 11:11 a.m.7 views

CVE-2026-2476

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS5.8AI score0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/03/16 11:11 a.m.25 views

CVE-2026-2476

Mattermost Plugins

7.6CVSS5.8AI score0.0018EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/16 11:11 a.m.24 views

CVE-2026-2476 MS Teams plugin sensitive config values not properly masked in support packets

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions of Mattermost Plugins 2.0.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem fro...

7.6CVSS6.4AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25680

Name of the Vulnerable Software and Affected Versions Mattermost Plugins versions through 2.0.3.0 Description The Mattermost plugins do not properly mask sensitive configuration values. This allows an attacker with access to support packets to obtain original plugin settings through exported...

7.6CVSS5.8AI score0.0018EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.6 views

EulerOS Virtualization 2.10.0 : net-snmp (EulerOS-SA-2026-1561)

According to the versions of the net-snmp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an...

9.8CVSS6.3AI score0.4269EPSS
Exploits2References2
EUVD
EUVD
added 2026/03/13 9:17 p.m.7 views

EUVD-2026-12150

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, The crsfrc parser accepts an oversized variable-length known packet and copies it into a fixed 64-byte global buffer without a bounds check. In deployments where crsfrc is enabled on a CRSF serial port, an...

7.1CVSS6AI score0.00309EPSS
Exploits1References1
CVE
CVE
added 2026/03/13 8:38 p.m.27 views

CVE-2026-2922

CVE-2026-2922 affects GStreamer RealMedia Demuxer. The flaw stems from inadequate validation of user-supplied data in video packet processing, enabling an out-of-bounds write that can lead to arbitrary code execution in the affected process. Public advisories corroborate RCE potential and note re...

7.8CVSS7.7AI score0.00431EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder