Astra Linux - уязвимость в openvswitch

A flaw was discovered in OpenVSwitch OVS. When processing an IP packet with protocol 0, OVS will install a datapath flow without modifying the IP header. This issue results in the installation of a datapath flow that matches all IP protocols with “nwproto” set to wildcard, but with an incorrect...

CVE-2026-39864 Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

CVE-2020-37216

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

PT-2026-27790

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the DHCP snooping feature that may allow a remote attacker to forward BOOTP packets between VLANs, leading to a denial of service DoS. This is caused by imprope...

CVE-2026-1874

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...

CVE-2025-11617

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...

EUVD-2019-2036

Malware in sbrugna...

kernel: sctp: linearize cloned gso packets in sctp_rcv

A flaw use of uninitialized memory uncontrolled and invisible by attacker in the Linux kernel SCTP transport protocol was found in the way user triggers malicious SCTP packets. A remote user could use this flaw to crash the system. The bug actual only for systems where SCTP protocol being enabled...

PT-2025-34703

Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: Maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for...

Linux Distros Unpatched Vulnerability : CVE-2023-1668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header...

gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer bei...

CVE-2025-21595

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause an FPC to crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved...

PT-2025-6804 · Schneider Electric · Enerlin'X Ife Interface

Name of the Vulnerable Software and Affected Versions: Schneider Electric - Enerlin’X IFE interface LV434001 versions All Description: A Denial-of-Service issue exists due to improper input validation, which can be triggered by sending malicious IPV6 packets to the device. This could cause the...

net: usb: qmi_wwan: fix memory leak for not ip packets

...

PT-2024-15189 · Zephyr Os · Zephyr Os

Name of the Vulnerable Software and Affected Versions: Zephyr OS affected versions not specified Description: The issue concerns the handling of IP packets in Zephyr OS. Specifically, it does not properly drop IP packets arriving on an external interface with a source address equal to 127.0.0.1 o...

CVE-2024-21599

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. If an MX Series device receives PTP packets on an MPC3E that doesn't...

UBUNTU-CVE-2021-43612

In lldpd before 1.0.13, when decoding SONMP packets in the sonmpdecode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets...

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...