215 matches found
EUVD-2026-35479
Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...
EUVD-2026-35727
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...
lwip-2026-pocs
lwip-2026-pocs Proof-of-concept exploits from the xchglabs...
AgentRFC: Security Design Principles and Conformance Testing for Agent Protocols
AI agent protocols -- including MCP, A2A, ANP, and ACP -- enable autonomous agents to discover capabilities, delegate tasks, and compose services across trust boundaries. Despite massive deployment MCP alone has 97M+ monthly SDK downloads, no systematic security framework for these protocols...
CVE-2026-21870
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
CVE-2026-21870
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
CVE-2026-21870 The BACnet Protocol Stack library has an Off-by-one Stack-based Buffer Overflow in tokenizer_string
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
CVE-2026-21870 The BACnet Protocol Stack library has an Off-by-one Stack-based Buffer Overflow in tokenizer_string
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
EUVD-2026-5920
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
CVE-2026-21870 The BACnet Protocol Stack library has an Off-by-one Stack-based Buffer Overflow in tokenizer_string
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
BACnet Protocol Stack 安全漏洞
BACnet Protocol Stack is a library suitable for various platforms, designed to provide communication services at the BACnet application layer, network layer, and Media Access Layer MAC. Versions of BACnet Protocol Stack such as 1.4.2, 1.5.0.rc2, and earlier versions have security vulnerabilities...
PT-2026-8018
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free
A vulnerability was found in isosockkill in net/bluetooth/iso.c in Bluetooth protocol stack in the Linux Kernel. In this flaw if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
Inbit Messenger 安全漏洞
Inbit Messenger is an instant messaging suite for corporate intranets from Inbit. A security vulnerability exists in Inbit Messenger versions 4.6.0 through 4.9.0, which stems from a protocol stack overflow that could allow an unauthenticated attacker to execute arbitrary commands...
CVE-2019-12480
BACnet Protocol Stack through 0.8.6 has a segmentation fault leading to denial of service in BACnet APDU Layer because a malformed DCC in AtomicWriteFile, AtomicReadFile and DeviceCommunicationControl services. An unauthenticated remote attacker could cause a denial of service bacserv daemon cras...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper detection of BPF protocol fallbacks, which could lead to abnormal protocol stack handling...
PT-2025-51236
A security issue was found in the IPv6 stack in the Micro850 and Micro870 controllers when the controllers received multiple malformed packets during fuzzing. The controllers will go into recoverable fault with fault code 0xFE60. To recover the controller, clear the fault...
CVE-2025-66624
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. Prior to 1.5.0.rc2, The npduisexpectedreply function in src/bacnet/npdu.c indexes requestpduoffset+2/3/5 and replypduoffset+1/2/4 without verifying that those APDU...
CVE-2025-66624 BACnet-stack MS/TP reply matcher OOB read
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. Prior to 1.5.0.rc2, The npduisexpectedreply function in src/bacnet/npdu.c indexes requestpduoffset+2/3/5 and replypduoffset+1/2/4 without verifying that those APDU...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...