Lucene search
K

172 matches found

NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53186

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

9.1CVSS0.00544EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39277

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

6AI score0.00544EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:38 a.m.10 views

CVE-2026-53186

CVE-2026-53186 affects the Linux kernel SRP path in RDMA: the SRP_RSP data length (resp_data_len) is not bounded by the actual received bytes, risking an out-of-bounds read when processing sense data. The copy is capped to 96 bytes, but the source offset can point far past the received data, pote...

9.1CVSS6AI score0.00544EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fixed NULL pointer dereferencing for SRP. If the external PHY working together with phy-omap-usb2 does not implement sendsrp, we may still attempt to call it. This can occur on an idle Ethernet device that...

5.5CVSS6.2AI score0.00295EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd-result only when scmnd is not NULL. This change fixes the following kernel NULL pointer dereference, which is occasionally reproduced by blktests srp/007. Bug: Kernel NULL pointer dereference, address:...

5.5CVSS5.4AI score0.00225EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.9 views

CVE-2026-45542

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...

7.1CVSS5.7AI score0.00325EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48353

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handle session command0 in...

7.1CVSS5.7AI score0.00325EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/02 12:31 p.m.4 views

EUVD-2026-18173

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary dat...

7.2CVSS6AI score0.005EPSS
Exploits0References3
CVE
CVE
added 2026/04/02 8:59 a.m.12 views

CVE-2026-33613

CVE-2026-33613 concerns MB Connect Line mbCONNECT24 with a remote code execution in the generateSrpArray function caused by improper neutralisation of special elements in an OS command. The vulnerability allows an attacker to achieve full system compromise, but only if there is another path to wr...

8.8CVSS6AI score0.005EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.4 views

CVE-2026-3559

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

8.1CVSS7.3AI score0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/21 12:46 p.m.26 views

CVE-2019-25557 TwistedBrush Pro Studio 24.06 Denial of Service via srp File

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to...

6.9CVSS0.00176EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/21 12:46 p.m.9 views

CVE-2019-25557

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to...

6.9CVSS6AI score0.00176EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/03/16 3:30 p.m.6 views

EUVD-2026-12160

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

8.1CVSS5.9AI score0.00396EPSS
Exploits0References2
CVE
CVE
added 2026/03/13 8:36 p.m.17 views

CVE-2026-3559

Philips Hue Bridge is affected by a vulnerability in the HomeKit Accessory Protocol SRP authentication, due to a static nonce value that allows authentication bypass. The issue occurs in the SRP configuration used by the service listening on TCP port 8080 by default. Evidence from multiple source...

8.1CVSS7.3AI score0.00396EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/27 12:41 a.m.7 views

CVE-2026-27847

Due to improper neutralization of special elements, SQL statements can be injected via the handshake of a TLS-SRP connection. This can be used to inject known credentials into the database that can be utilized to successfully complete the handshake and use the protected service. This issue affect...

9.8CVSS5.7AI score0.0032EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/25 6:31 p.m.6 views

EUVD-2026-8649

Due to improper neutralization of special elements, SQL statements can be injected via the handshake of a TLS-SRP connection. This can be used to inject known credentials into the database that can be utilized to successfully complete the handshake and use the protected service. This issue affect...

5.7AI score0.0032EPSS
Exploits0References2
NVD
NVD
added 2026/02/25 5:25 p.m.13 views

CVE-2026-27849

Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

9.8CVSS0.00314EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/25 4:20 p.m.3 views

CVE-2026-27849 Missing neutralization in Linksys MR9600, Linksys MX4200

Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

5.5AI score0.00314EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/25 4:20 p.m.3 views

CVE-2026-27849

Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

9.8CVSS5.5AI score0.00314EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/02/25 3:15 p.m.33 views

CVE-2026-27848 Missing neutralization in Linksys MR9600, Linksys MX4200

Due to missing neutralization of special elements, OS commands can be injected via the handshake of a TLS-SRP connection, which are ultimately run as the root user. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

0.0032EPSS
Exploits0References1
Rows per page
Query Builder