CVE-2026-37229

FlexRIC v2.0.0 contains a reachable assertion in e2apcreatepdu triggered when ASN.1 PER decoding fails. A remote unauthenticated attacker can send any non-PER byte sequence e.g., a single 0x00 byte over SCTP to the near-RT RIC port 36421 or iApp port 36422 to crash the process via SIGABRT. The...

SUSE CVE-2026-43184

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

EUVD-2026-27744

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

CVE-2026-43184

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

CVE-2026-43184

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

CVE-2026-43184

CVE-2026-43184 affects the Linux kernel component rnbd-srv. The root cause is failing to clear the response buffer before sending data, which could allow a remote client to receive unintended data when exchanging messages across protocol versions. Multiple vendors have patched this vulnerability ...

CVE-2026-43184 rnbd-srv: Zero the rsp buffer before using it

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

PT-2026-37524

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

CVE-2026-33797 Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

Crypt-SSLeay

This is a Perl module called Crypt::SSLeay, which provides OpenSSL support for LWP Library for WWW in Perl. The module is used to handle SSL/TLS connections and is part of the LWP distribution. The module has a version of 0.7304 and is maintained by A. Sinan Unur, David Landgren, Joshua Chamas, a...

Fuchsia 安全漏洞

Fuchsia is an open source general purpose operating system. Fuchsia suffers from a security vulnerability that stems from a network protocol header field generation algorithm that could lead to TCP ISN, TCP timestamps, TCP/UDP source ports, and IPv4/IPv6 segment IDs being guessed...

PT-2024-7137

Name of the Vulnerable Software and Affected Versions Junos OS Evolved versions prior to 21.4R3-S8-EVO Junos OS Evolved versions from 22.2 before 22.2R3-S4-EVO Junos OS Evolved versions from 22.3 before 22.3R3-S4-EVO Junos OS Evolved versions from 22.4 before 22.4R3-S3-EVO Junos OS Evolved versio...

Firmware update for RICOH JavaTM Platform resets the TLS configuration

Overview JavaTM Platform provided by Ricoh Company, Ltd. is the execution environment for firmware extensions of Ricoh MFPs and printers, providing TLS Transport Layer Security communication mechanism. When the firmware for JavaTM Platform is updated from Ver.12.89 or earlier versions to a newer...

Design/Logic Flaw

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

CVE-2023-6129

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

Security Bulletin: Due to use of Apache Log4j, IBM QRadar SIEM is affected by arbitrary code execution (CVE-2019-17571, CVE-2021-44832, CVE-2021-4104)

Summary IBM QRadar SIEM is affected by arbitrary code execution due to Apache Log4j CVE-2019-17571, CVE-2021-44832, CVE-2021-4104. Apache Log4j is used by IBM QRadar SIEM as part of its logging infrastructure. The fix includes Apache Log4j 2.17.2 Vulnerability Details CVEID:CVE-2019-17571...

CVE-2022-20623

A vulnerability in the rate limiter for Bidirectional Forwarding Detection BFD traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is due to a logic error ...

openflow-info NSE Script

Queries OpenFlow controllers for information. Newer versions of the OpenFlow protocol 1.3 and greater will return a list of all protocol versions supported by the controller. Versions prior to 1.3 only return their own version number. For additional information: Example Usage nmap -p 6633,6653...

Security Bulletin: Vulnerabilities disclosed by OpenSSL project on August 6, 2014 that impact DataPower (CVE-2014-3508 and CVE-2014-3511)

Summary There were multiple vulnerabilities disclosed on August 6, 2014 by the OpenSSL Project. Two of them impact DataPower appliances. Vulnerability Details CVE-ID: CVE-2014-3508 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in OBJobj2txt...

CVE-2018-0455

A vulnerability in the Server Message Block Version 2 SMBv2 and Version 3 SMBv3 protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. ...