14783 matches found
CLSA-2026-1771241609 kernel: Fix of 13 CVEs
vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...
📄 Saturn Remote Mouse Server 1 Command Injection
A service component of Saturn Remote Mouse Server listens for unauthenticated UDP JSON-like frames on UDP port 27000. Improper input handling allows specially crafted frames to cause execution of arbitrary commands within the context of the service process, resulting in remote code execution on t...
USN-8046-1: FRR vulnerabilities
It was discovered that FRR incorrectly handled certain malformed OSPF and update packets. A remote attacker could possibly use these issues to cause FRR to crash, resulting in a denial of service...
USN-8046-1 frr vulnerabilities
It was discovered that FRR incorrectly handled certain malformed OSPF and update packets. A remote attacker could possibly use these issues to cause FRR to crash, resulting in a denial of service...
Juniper Junos OS Vulnerability (JSA100087)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100087 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allow...
kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial of service
A flaw was found in the ALSA USB audio driver of the Linux kernel. This vulnerability, a buffer overflow, occurs when the size of the Pulse-Code Modulation PCM stream data packets exceeds the maximum allowed by the USB descriptor. A local attacker could exploit this by providing specially crafted...
OpenSSL 3.x QUIC Initial Packet Builder / Sender
This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...
CVE-2026-23154
In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKBGSODODGY flag for fraglist GSO packets, addressing low throughput issues observed when a station accesses IPv4...
CVE-2026-23154
In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKBGSODODGY flag for fraglist GSO packets, addressing low throughput issues observed when a station accesses IPv4...
CVE-2026-23154 net: fix segmentation of forwarding fraglist GRO
In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKBGSODODGY flag for fraglist GSO packets, addressing low throughput issues observed when a station accesses IPv4...
CVE-2026-23154
CVE-2026-23154 concerns the Linux kernel fix for segmentation of forwarding fraglist GRO. The description explains that GRO packets containing a frag_list could be mishandled during GSO segmentation because skb_segment_list cannot correctly process GRO skbs converted by XLAT (which translates onl...
CVE-2025-48019
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...
CVE-2025-48020
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...
CVE-2025-48021
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...
SUSE CVE-2026-26076
ntpd-rs is a full-featured implementation of the Network Time Protocol. Prior to 1.7.1, an attacker can remotely induce moderate increases 2-4 times above normal in cpu usage. When having NTS enabled on an ntpd-rs server, an attacker can create malformed NTS packets that take significantly more...
Ubuntu 25.10 : HAProxy vulnerability (USN-8036-1)
The remote Ubuntu 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8036-1 advisory. Asim Viladi Oglu Manizada discovered that HAProxy incorrectly handled certain INITIAL packets. A remote attacker could possibly use this issue to cause HAProxy to...
GHSA-7587-4WV6-M68M rPGP vulnerable to parser crash on crafted RSA secret key packets through CVE-2026-21895
Summary It was possible to trigger an unhandled edge case in the Rust Crypto rsa crate through rPGP packet parsing functionality, and crash the process that runs rPGP. This problem has been patched in a new rsa version. The new release of rPGP ensures a patched version of the rsa crate is in use,...
CVE-2025-48021
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...
CVE-2025-48022
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...
CVE-2025-48022
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...