Lucene search
+L

372 matches found

osv
osv
added 2026/07/09 12:53 p.m.3 views

OESA-2026-2943 socat security update

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:53 p.m.2 views

OESA-2026-2942 socat security update

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2
osv
osv
added 2026/07/03 9:7 a.m.4 views

ROOT-OS-DEBIAN-13-CVE-2026-56123 CVE-2026-56123 in rootio-socat - Patched by Root

Root has patched CVE-2026-56123 in the rootio-socat package for Root:Debian:13. Multiple fixed versions available...

9.8CVSS5.9AI score0.00308EPSS
Exploits0
osv
osv
added 2026/06/29 12:0 a.m.2 views

OPENSUSE-SU-2026:11151-1 socat-1.8.1.3-1.1 on GA media

These are all security issues fixed in the socat-1.8.1.3-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS5.8AI score0.00308EPSS
Exploits0References1
nessus
nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-56123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References3
nvd
nvd
added 2026/06/25 5:17 p.m.9 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS0.00308EPSS
Exploits0References2
osv
osv
added 2026/06/25 5:17 p.m.3 views

DEBIAN-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References1
osv
osv
added 2026/06/25 5:17 p.m.3 views

ALPINE-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References1
osv
osv
added 2026/06/25 5:17 p.m.3 views

UBUNTU-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/25 3:43 p.m.38 views

CVE-2026-56123 socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS0.00308EPSS
Exploits0References2
euvd
euvd
added 2026/06/25 3:43 p.m.5 views

EUVD-2026-39455

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 3:43 p.m.6 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/06/25 3:43 p.m.27 views

CVE-2026-56123

CVE-2026-56123 affects socat versions 1.8.0.0 through 1.8.1.1. A signed-char sign-extension bug in the DOMAINNAME reply parser during SOCKS5 handshake allows a negative bytes_to_read value to be implicitly converted to size_t, causing an unbounded heap write into a 262-byte reply buffer. This res...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/06/25 3:43 p.m.5 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0
alpinelinux
alpinelinux
added 2026/06/25 3:43 p.m.7 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2
metasploit
metasploit
added 2026/06/18 7:1 p.m.180 views

OS Command Exec, Unix Command Shell, Bind TCP (via socat)

Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/bindsocattcp msf payloadbindsocattcp show actions ...actions... msf payloadbindsocattcp set ACTION msf payloadbindsocattcp show options ...show and set options... msf...

5.9AI score
Exploits0
metasploit
metasploit
added 2026/06/18 7:1 p.m.169 views

Unix Command Shell, Bind TCP (via socat)

Creates an interactive shell via socat Module Options msf use payload/cmd/unix/bindsocattcp msf payloadbindsocattcp show actions ...actions... msf payloadbindsocattcp set ACTION msf payloadbindsocattcp show options ...show and set options... msf payloadbindsocattcp run This module requires...

9.2CVSS5.9AI score0.24469EPSS
Exploits3
nessus
nessus
added 2026/05/27 12:0 a.m.13 views

Amazon Linux 2 : socat, --advisory ALAS2-2026-3303 (ALAS-2026-3303)

The version of socat installed on the remote host is prior to 1.7.3.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3303 advisory. readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Tenable has extracted the preceding...

9.8CVSS5.8AI score0.008EPSS
Exploits0References4
amazon
amazon
added 2026/05/26 12:0 a.m.13 views

Low: socat

Issue Overview: readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Affected Packages: socat Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

9.8CVSS6.8AI score0.008EPSS
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Socat

readline.sh in Socat version before1.8.0.2 relies on the /tmp/$USER/stderr2 file...

9.8CVSS6.8AI score0.008EPSS
Exploits0References2
Rows per page
Query Builder