19 matches found
CVE-2026-37229
FlexRIC v2.0.0 contains a reachable assertion in e2apcreatepdu triggered when ASN.1 PER decoding fails. A remote unauthenticated attacker can send any non-PER byte sequence e.g., a single 0x00 byte over SCTP to the near-RT RIC port 36421 or iApp port 36422 to crash the process via SIGABRT. The...
EUVD-2026-29033
Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...
CVE-2026-27028
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then...
EUVD-2025-203669
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...
Linux Distros Unpatched Vulnerability : CVE-2018-14625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition betwe...
kernel: vsock: Keep the binding until socket destruction
A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...
kernel: vsock: Keep the binding until socket destruction
A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...
kernel: vsock: Keep the binding until socket destruction
A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...
kernel: vsock: Keep the binding until socket destruction
A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...
SUSE CVE-2023-52986
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of tcpbpfprots when cloning a listener A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. The variant depends on the socket'...
CVE-2023-52986
CVE-2023-52986 is a Linux kernel issue affecting bpf, sockmap where a listening socket linked to a sockmap can have its sk_prot overridden to a variant in tcp_bpf_prots. The root cause is that cloning a child from a TCP listener checked only for the TCP_BPF_BASE proto variant, whereas the listene...
kernel: data races around sk->sk_prot
A data race problem was found in sk-skprot in the network subsystem in ipv6 in the Linux kernel. This issue occurs while some functions access critical data, leading to a denial of service...
CVE-2022-3629
A memory leak flaw was found in the Linux kernel’s Virtual Socket Protocol. This flaw allows a local user to crash the system...
UBUNTU-CVE-2018-14625
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect and close function may allow an attacker using the AFVSOCK protocol to gather a 4 byte information leak or possibly intercept o...
glusterfs: fragment header infinite loop DoS
A denial of service flaw was found in the way the socketprotostatemachine function of glusterfs processed certain fragment headers. A remote attacker could send a specially crafted fragment header that, when processed, would cause the glusterfs process to enter an infinite loop...
Time and Expense Management System - Multiple Vulnerabilities
Time and Expense Management System - Multiple Vulnerabilities ------------------------------------------------------------------------ Software................Time and Expense Management System Vulnerability...........Command Injection Threat Level............Very Critical 5/5...
SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3433 / 3436 / 3445)
This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings the kernel to 2.6.32.24 and fixes some critical security bugs and other non-security bugs. Following security bugs were fixed : - A iovec integer overflow in RDS sockets was fixed which could lead to local attackers gaining kern...
QuickPHP Web Server 1.9.1 Directory Traversal
------------------------------------------------------------------------ Software................QuickPHP Web Server 1.9.1 Vulnerability...........Directory Traversal Download................http://www.zachsaw.co.cc/?pg=quickphpphptesterdebugger Release Date............12/27/2010 Tested...