Lucene search
K

1134 matches found

NVD
NVD
added 2026/06/29 12:16 p.m.7 views

CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS0.00751EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 11:45 a.m.34 views

CVE-2026-13564 Edimax EW-7478APC POST Request formPPPoESetup stack-based overflow

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS0.00751EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 11:45 a.m.16 views

CVE-2026-13564

Summary: CVE-2026-13564 affects Edimax EW-7478APC firmware 1.04, specifically the POST Request Handler’s formPPPoESetup function. Manipulating the pppUserName argument triggers a stack-based buffer overflow, enabling remote attacker access. Public exploit reportedly exists and the vendor did not ...

9CVSS7.9AI score0.00751EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.6 views

CVE-2026-53003

A flaw was found in the Linux kernel's Point-to-Point Protocol over Ethernet PPPoE driver. A remote attacker or a peer with a misconfigured implementation could send specially crafted Protocol Field Compression PFC frames. This could lead to a one-byte shift in the PPP payload, causing a four-byt...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative...

8.8CVSS6AI score0.00182EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38871

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

5.7AI score0.00508EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53075

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

8.8CVSS0.00182EPSS
Exploits1References8
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53003

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

7.5CVSS0.00508EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.29 views

CVE-2026-53075 ppp: require CAP_NET_ADMIN in target netns for unattached ioctls

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

8.8CVSS0.00182EPSS
Exploits1References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38943

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

5.7AI score0.00182EPSS
Exploits1References8
CVE
CVE
added 2026/06/24 4:30 p.m.12 views

CVE-2026-53075

The CVE-2026-53075 issue affects the Linux kernel PPP subsystem. A local unprivileged user can create a new user namespace (CLONE_NEWUSER), obtain CAP_NET_ADMIN only in that namespace, and still perform unattached PPP administrative IOCTLs (PPPIOCNEWUNIT, PPPIOCATTACH, PPPIOCATTCHAN) against an i...

8.8CVSS5.7AI score0.00182EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.32 views

CVE-2026-53003 pppoe: drop PFC frames

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

7.5CVSS0.00508EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:29 p.m.1 views

CVE-2026-53003 pppoe: drop PFC frames

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References11
OSV
OSV
added 2026/06/23 1:7 p.m.4 views

OPENSUSE-SU-2026:21154-1 Security update for ofono

This update for ofono fixes the following issues: Changes in ofono: - Reference the tracking bugs for the SMS/STK/USSD decoder security fixes applied upstream across the 2.14-2.17 updates: SMS decoder stack buffer overflows: CVE-2023-2794 boo1218292, CVE-2023-4232 boo1218293, CVE-2023-4233...

8.1CVSS6.8AI score0.0124EPSS
Exploits4References32
ATTACKERKB
ATTACKERKB
added 2026/06/21 7:45 p.m.6 views

CVE-2026-12807

A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack...

6.5CVSS6.4AI score0.01182EPSS
Exploits0References5Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the HDLCPPP module of the Linux kernel in versions prior to 5.9-rc7. Memory corruption and a read overflow occur due to improper input validation in the pppcpparsecr function, which can cause the system to crash or lead to a denial of service. The greatest threat posed by...

7.5CVSS6.6AI score0.03292EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 3:46 p.m.14 views

EUVD-2026-35171

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.4AI score0.00389EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:46 p.m.6 views

CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.3AI score0.00389EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.53 views

CVE-2026-46306 flow_dissector: do not dissect PPPoE PFC frames

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

7.5CVSS0.00389EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 3:46 p.m.2 views

CVE-2026-46306 flow_dissector: do not dissect PPPoE PFC frames

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

7.5CVSS6.5AI score0.00389EPSS
Exploits0References11
Rows per page
Query Builder