Lucene search
K

2169 matches found

NVD
NVD
added 2 days ago8 views

CVE-2026-60109

Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRBERROR message with error-code 25 KDCERRPREAUTHREQUIRED containing a PA-DATA element with padata-type 2, 3,...

8.7CVSS0.00502EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-15173

A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the pcapng file parser, leading to a crash of the application. This denial of service DoS could prevent legitimate users from accessing the service, impacting its availability. Mitigation To mitigate this issue, use...

5.5CVSS6AI score0.00089EPSS
Exploits0References5
CVE
CVE
added 3 days ago7 views

CVE-2026-58207

CVE-2026-58207 affects NATS Server. A client sending account-scoped Connz pagination requests could cause an integer overflow in the pagination logic, crashing the server before the response window is bounded. Affected versions are before 2.14.3 and before 2.12.12; fixed releases are 2.14.3 and 2...

7.7CVSS6AI score0.0056EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 4 days ago6 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS6AI score0.00514EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 5 days ago14 views

PT-2026-55999

Name of the Vulnerable Software and Affected Versions vLLM versions 0.12.0 through 0.23.x Description A flaw in the EngineCore of the library occurs when a remote authorized user sends a pure prompt embeds payload to the '/v1/completions' endpoint using a model that implements M-RoPE Multimodal...

7.1CVSS6.1AI score0.0037EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.7 views

OpenVPN 2.6.x < 2.6.20 / 2.7.x < 2.7.2 TLS Race Condition

According to its self-reported version number, the version of OpenVPN installed on the remote host is affected by a vulnerability: - A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a...

6.1CVSS6AI score0.00309EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

SUSE SLES16: apache2 / apache2-devel / apache2-event / apache2-manual / etc (SUSE-SU-2026:22209-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22209-1 advisory. This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957...

9.8CVSS7.2AI score0.4581EPSS
Exploits18References34
OSV
OSV
added 2026/06/25 7:16 p.m.4 views

DEBIAN-CVE-2026-56770

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:6 p.m.6 views

CVE-2026-56770

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

8.7CVSS5.9AI score0.00339EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A null pointer dereference flaw was discovered in the Linux kernel’s DECnet networking protocol. This issue could allow a remote user to crash the system...

6.5CVSS6.7AI score0.08091EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2026/06/17 9:22 a.m.6 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.4AI score0.00337EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/06/17 8:1 a.m.8 views

Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash

...

8.8CVSS5.8AI score0.00497EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2026-52719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the...

7.1CVSS6AI score0.00301EPSS
Exploits0References4
CVE
CVE
added 2026/06/14 5:26 p.m.42 views

CVE-2026-54412

CVE-2026-54412 affects LiamBindle MQTT-C up to v1.1.6. The vulnerability is a heap-based out-of-bounds read and integer underflow in mqtt_unpack_publish_response() (src/mqtt.c). A broker-controlled or injected PUBLISH packet can allow a remote unauthenticated attacker to crash a subscribed MQTT-C...

8.8CVSS5.6AI score0.00407EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.7 views

SUSE SLES15 Security Update : glibc (SUSE-SU-2026:2333-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2333-1 advisory. This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely...

9.8CVSS5.5AI score0.00451EPSS
Exploits3References10
SUSE CVE
SUSE CVE
added 2026/06/13 2:16 a.m.10 views

SUSE CVE-2026-49759

Stack-based Buffer Overflow vulnerability in Erlang OTP erts inetdrv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctpparseerrorchunk function in erts/emulator/drivers/common/inetdrv.c parses SCTP ERROR chunks and writes cause codes int...

8.8CVSS5.5AI score0.00497EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.24 views

EulerOS Virtualization 2.13.0 : avahi (EulerOS-SA-2026-2394)

According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc...

6.5CVSS5.4AI score0.00252EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.12 views

CVE-2026-46543

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates...

5.3CVSS5.5AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 8:32 p.m.16 views

EUVD-2026-36136

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS5.5AI score0.00539EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/10 8:32 p.m.32 views

CVE-2026-42542 TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS0.00539EPSS
Exploits1References2
Rows per page
Query Builder