Lucene search
K

405 matches found

Cvelist
Cvelist
added 2026/05/12 4:58 p.m.37 views

CVE-2026-35424 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

...

7.5CVSS0.01187EPSS
Exploits0References1
CVE
CVE
added 2026/05/05 5:45 p.m.36 views

CVE-2026-7853

CVE-2026-7853 affects D-Link DI-8100 with firmware 16.07.26A1. The weakness lies in the HTTP Handler’s /auto_reboot.asp, where the function sprintf mishandles the enable/time argument, causing a buffer overflow. This design flaw enables remote exploitation, and public exploit access is indicated ...

10CVSS7.7AI score0.01515EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/04/30 7:16 a.m.9 views

CVE-2026-6520

OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS0.00171EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/30 5:39 a.m.4 views

EUVD-2026-26315

ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00122EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36041

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description An infinite loop in the UDS protocol dissector allows for a denial of service. Recommendations Update Wireshark versions 4.6.0 through 4.6.4 to a versio...

8.8CVSS6AI score0.0039EPSS
Exploits43References49
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.13 views

PT-2026-36107

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description The SAML IdP implementation in the SSO module uses the AssertionConsumerServiceURL value from incoming SAML AuthnRequest messages as the destination for the SAML response without validating it agains...

8.2CVSS5.9AI score0.0028EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/10 7:43 p.m.19 views

CVE-2026-40188 goshs is Missing Write Protection for Parametric Data Values

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...

7.7CVSS0.00318EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.14 views

elixir-nodejs 竞争条件问题漏洞

Elixir-nodejs is an open-source project by Revelry that serves as an Elixir API for calling Node.js functions. Versions of elixir-nodejs prior to 3.1.4 contained a race condition vulnerability. This vulnerability stemmed from race conditions in the working protocol, which led to the loss of...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/10 10:18 a.m.9 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in http2-common (CVE-2025-5115)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-5115 of http2-common-11.0.24.jar. Vulnerability Details CVEID:CVE-2025-5115 DESCRIPTION: In Eclipse Jetty, versions =9.4.57, =10.0.25, =11.0.25, =12.0.21, =12.1.0.alpha2, an HTTP/2 client may trigger the server to send...

7.7CVSS5.8AI score0.01567EPSS
Exploits0Affected Software1
AlmaLinux
AlmaLinux
added 2026/03/10 12:0 a.m.10 views

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6CVSS7.1AI score0.0056EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.9 views

PT-2026-23777

Name of the Vulnerable Software and Affected Versions Philips Hue Bridge affected versions not specified Description A security issue exists in the Philips Hue Bridge related to the HomeKit Accessory Protocol. Specifically, a static nonce authentication bypass is possible. This allows an attacker...

8.1CVSS7.2AI score0.00396EPSS
Exploits0References4
OSV
OSV
added 2026/03/04 7:33 p.m.2 views

SUSE-SU-2026:0810-1 Security update for wireshark

This update for wireshark fixes the following issue: - CVE-2026-3201: USB HID protocol dissector memory exhaustion bsc1258907...

7.5CVSS5.9AI score0.00184EPSS
Exploits2References3
Snyk
Snyk
added 2026/02/26 10:20 p.m.6 views

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict in the JSON-RPC and MCP protocol message parsing. An attacker can bypass intermediary inspection or cause cross-implementation inconsistencies by sending protocol messages with non-standard field casing or Unicod...

8.7CVSS6AI score0.00255EPSS
Exploits0References3
CVE
CVE
added 2026/02/25 4:26 p.m.19 views

CVE-2026-20048

Cisco Nexus 9000 Series Fabric Switches (ACI mode) SNMP subsystem is vulnerable to crafted SNMP requests, causing kernel panic, reload, and DoS. The issue stems from improper SNMP request parsing. Exploitation requires valid credentials: read-only SNMP community strings for SNMPv1/2c, or valid SN...

7.7CVSS5.7AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/29 3:26 a.m.20 views

CVE-2026-24785

Clatter is a nostd compatible, pure Rust implementation of the Noise protocol framework with post-quantum support. Versiosn prior to2.2.0 have a protocol compliance vulnerability. The library allowed post-quantum handshake patterns that violated the PSK validity rule Noise Protocol Framework...

9.3CVSS5.8AI score0.00122EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/01/20 9:5 p.m.8 views

Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

9.2CVSS7.3AI score0.00193EPSS
Exploits2References40
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.7 views

MiracleLinux 3 : ruby-1.8.5-5.7.1AXS3 (AXSA:2009-78:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-78:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...

6.8CVSS6.9AI score0.08375EPSS
Exploits4References4
Ubuntu
Ubuntu
added 2026/01/07 12:40 p.m.10 views

USN-7944-1: Net-SNMP vulnerability

Bahae Bahrini discovered that Net-SNMP could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

9.8CVSS5.8AI score0.4269EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.9 views

CVE-2019-16110

The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream...

8.1CVSS8.1AI score0.01691EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:26 a.m.8 views

CVE-2019-12175

In Zeek Network Security Monitor formerly known as Bro before 2.6.2, a NULL pointer dereference in the Kerberos aka KRB protocol parser leads to DoS because a case-type index is mishandled...

7.5CVSS6.7AI score0.01411EPSS
Exploits0References1
Rows per page
Query Builder