CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2158 matches found

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.4AI score0.00337EPSS

Exploits0References5

Tenable Nessus•added 5 days ago•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-52719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the...

7.1CVSS5.6AI score0.00277EPSS

Exploits0References4

CVE•added 6 days ago•16 views

CVE-2026-54412

CVE-2026-54412 affects LiamBindle MQTT-C up to v1.1.6. The vulnerability is a heap-based out-of-bounds read and integer underflow in mqtt_unpack_publish_response() (src/mqtt.c). A broker-controlled or injected PUBLISH packet can allow a remote unauthenticated attacker to crash a subscribed MQTT-C...

8.8CVSS5.6AI score0.00407EPSS

Exploits0References4

Tenable Nessus•added 6 days ago•4 views

SUSE SLES15 Security Update : glibc (SUSE-SU-2026:2333-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2333-1 advisory. This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely...

9.8CVSS5.5AI score0.00451EPSS

Exploits3References10

SUSE CVE•added 2026/06/13 2:16 a.m.•6 views

SUSE CVE-2026-49759

Stack-based Buffer Overflow vulnerability in Erlang OTP erts inetdrv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctpparseerrorchunk function in erts/emulator/drivers/common/inetdrv.c parses SCTP ERROR chunks and writes cause codes int...

8.8CVSS5.5AI score0.00466EPSS

Exploits0References3

Tenable Nessus•added 2026/06/12 12:0 a.m.•7 views

EulerOS Virtualization 2.13.0 : avahi (EulerOS-SA-2026-2394)

According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc...

6.5CVSS5.4AI score0.00252EPSS

Exploits1References3

RedhatCVE•added 2026/06/11 2:59 a.m.•7 views

CVE-2026-46543

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates...

5.3CVSS5.5AI score0.00291EPSS

Exploits0References1

EUVD•added 2026/06/10 8:32 p.m.•13 views

EUVD-2026-36136

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS5.5AI score0.00369EPSS

Exploits1References2

Cvelist•added 2026/06/10 8:32 p.m.•27 views

CVE-2026-42542 TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)

7.5CVSS0.00369EPSS

Exploits1References2

Cvelist•added 2026/06/10 2:35 p.m.•26 views

CVE-2026-49759 Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash

8.8CVSS0.00466EPSS

Exploits0References5

OSV•added 2026/06/10 2:35 p.m.•6 views

EEF-CVE-2026-49759 Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash

Summary Stack-based Buffer Overflow vulnerability in Erlang OTP erts inet\drv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctp\parse\error\chunk function in erts/emulator/drivers/common/inet\drv.c parses SCTP ERROR chunks and writes...

8.8CVSS5.6AI score0.00466EPSS

Exploits0References4

CVE•added 2026/06/10 2:35 p.m.•25 views

CVE-2026-49759

CVE-2026-49759 affects Erlang OTP erts inet_drv SCTP error handling. The sctp_parse_error_chunk() writes cause codes into a fixed-size stack-allocated spec[] without bounds checks, allowing a remote attacker who has SCTP access to overflow the stack and crash the BEAM VM (DoS). A crafted SCTP ERR...

8.8CVSS5.6AI score0.00466EPSS

Exploits0References5Affected Software2

SUSE Linux•added 2026/06/10 8:42 a.m.•3 views

Security update for glibc

This update for glibc fixes the following issues CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. CVE-2026-5928: libio: ungetwc could...

8.7CVSS5.5AI score0.00451EPSS

Exploits3References12

SUSE CVE•added 2026/06/10 2:28 a.m.•4 views

SUSE CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00481EPSS

Exploits0References3

Vulnrichment•added 2026/06/10 12:25 a.m.•7 views

CVE-2026-45541 ESF-IDF: Remote Null Pointer Dereference in WebSocket Server

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...

7.5CVSS5.4AI score0.00439EPSS

Exploits0References7