Lucene search
K

157 matches found

NVD
NVD
added 2026/05/13 4:16 p.m.17 views

CVE-2026-42920

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:12 p.m.10 views

CVE-2026-42920

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/13 2:12 p.m.24 views

CVE-2026-42920

CVE-2026-42920 affects BIG-IP DTLS: when a Client SSL profile has Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, resulting in a DoS as TMM restarts. The F5 advisory notes this is a data-plane issue with rem...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1Affected Software21
Cvelist
Cvelist
added 2026/05/13 2:12 p.m.31 views

CVE-2026-42920 BIG-IP DTLS Vulnerability

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 2:12 p.m.7 views

CVE-2026-42920 BIG-IP DTLS Vulnerability

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2026/05/13 12:19 p.m.10 views

K000160901: BIG-IP DTLS vulnerability CVE-2026-42920

Security Advisory Description When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2026-42920 Impact Traffic is disrupted while the TMM process restarts. This...

8.7CVSS5.7AI score0.00263EPSS
Exploits0Affected Software11
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40675

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic ca...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/07 12:20 a.m.9 views

Netty Lz4FrameDecoder is vulnerable to resource exhaustion

Summary Lz4FrameDecoder allocates a ByteBuf of size decompressedLength up to 32 MB per block before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if compressedLength == 1 - to force that allocation. Details...

7.5CVSS5.8AI score0.00429EPSS
Exploits1References3Affected Software2
EUVD
EUVD
added 2026/05/06 12:30 p.m.22 views

EUVD-2026-27804

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...

5.8AI score0.00126EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/04/27 1:21 a.m.6 views

CVE-2026-41667

Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0...

6.6CVSS5.5AI score0.00162EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-31641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes eac...

7.8CVSS7.3AI score0.00143EPSS
Exploits0References2
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

7.8CVSS0.00143EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/04/24 2:44 p.m.5 views

CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

7.8CVSS5.6AI score0.00143EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:44 p.m.4 views

CVE-2026-31630

In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...

5.5AI score0.00132EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/24 2:44 p.m.4 views

EUVD-2026-25523

In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...

5.5AI score0.00132EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/24 2:44 p.m.4 views

CVE-2026-31630

In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...

7.8CVSS5.4AI score0.00132EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/23 6:5 p.m.9 views

CVE-2026-41078 OpenTelemetry dotnet: Potential memory exhaustion via unbounded pooled-list sizing in Jaeger exporter conversion path

OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the internal pooled-list sizing grows based on a large observed span/tag set and that enlarged size is reused for subsequent allocations. Under...

5.9CVSS5.7AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/23 6:5 p.m.33 views

CVE-2026-41078 OpenTelemetry dotnet: Potential memory exhaustion via unbounded pooled-list sizing in Jaeger exporter conversion path

OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the internal pooled-list sizing grows based on a large observed span/tag set and that enlarged size is reused for subsequent allocations. Under...

5.9CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 2026/04/23 6:5 p.m.25 views

CVE-2026-41078

OpenTelemetry dotnet CVE-2026-41078 affects OpenTelemetry.Exporter.Jaeger (pre-1.6.0-rc.1 and earlier). The issue: memory pressure caused by unbounded pooled-list sizing in the Jaeger exporter conversion path, where oversized allocations from large span/tag sets can be reused for later allocation...

5.9CVSS5.7AI score0.00222EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder