Lucene search
K

74126 matches found

Snyk
Snyk
added 2026/04/03 4:2 a.m.3 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 4:2 a.m.2 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/03 4:2 a.m.8 views

Antrea has Missing Encryption of Sensitive Data

Impact This is a missing encryption vulnerability CWE-311 affecting inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fails to apply encryption for IPv6 Pod traffic. While the IPv4 traffic is correctl...

7.5CVSS5.8AI score0.00121EPSS
Exploits0References7Affected Software1
Snyk
Snyk
added 2026/04/03 4:2 a.m.1 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 4:2 a.m.1 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/04/03 4:2 a.m.11 views

GHSA-QCMW-8MM4-4P28 Antrea has Missing Encryption of Sensitive Data

Impact This is a missing encryption vulnerability CWE-311 affecting inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fails to apply encryption for IPv6 Pod traffic. While the IPv4 traffic is correctl...

7.5CVSS5.8AI score0.00121EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.5 views

PT-2026-30273

Summary The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions e.g., 2000 nested parentheses, causing a RangeError:...

6.9CVSS6.1AI score0.00395EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30013

Name of the Vulnerable Software and Affected Versions Antrea versions prior to 2.4.5 and 2.5.2 Description Antrea, a Kubernetes networking solution, has a missing encryption issue affecting inter-Node Pod traffic. In dual-stack networking clusters with IPsec encryption enabled...

7.5CVSS5.8AI score0.00121EPSS
Exploits0References11
GitLab Advisory Database
GitLab Advisory Database
added 2026/04/03 12:0 a.m.8 views

Antrea has Missing Encryption of Sensitive Data

This is a missing encryption vulnerability CWE-311 affecting inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fails to apply encryption for IPv6 Pod traffic. While the IPv4 traffic is correctly...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.6 views

Belden Hirschmann HiOS 输入验证错误漏洞

Belden Hirschmann HiOS is an industrial Ethernet switch operating system developed by the American company Belden. Versions of Belden Hirschmann HiOS prior to 08.1.00 and 07.1.01 contained a vulnerability related to input validation errors. This vulnerability stemmed from improper handling of the...

8.7CVSS5.8AI score0.00921EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23404

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - apparmor: replace recursive profile removal with iterative approach The profile removal code uses recursion when removing nested profiles, which can lead to...

5.5CVSS5.9AI score0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/02 6:31 p.m.3 views

EUVD-2026-18360

A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function updatepcdb of the file /setup.cgi. The manipulation of the argument macpcdba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the...

9CVSS7.8AI score0.00815EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:20 p.m.0 views

CVE-2026-34122

A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter,...

7.1CVSS6.2AI score0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/04/02 5:20 p.m.7 views

CVE-2026-34122

Affected product: TP-Link Tapo C520WS (firmware v2.6). Vulnerability: stack-based buffer overflow in the configuration handling component due to insufficient input validation, triggered by an excessively long configuration parameter value. Impact: Denial of Service (service crash or device reboot...

7.1CVSS6.2AI score0.00259EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/02 4:16 p.m.4 views

CVE-2026-5349

A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function addapcdb of the file /setup.cgi. The manipulation of the argument macpcdba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be...

9CVSS0.00772EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/02 3:30 p.m.4 views

CVE-2026-5350

A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function updatepcdb of the file /setup.cgi. The manipulation of the argument macpcdba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the...

9CVSS7.8AI score0.00815EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/04/02 3:30 p.m.11 views

CVE-2026-5350

CVE-2026-5350 affects Trendnet TEW-657BRM running 1.00.1. The flaw is in function update_pcdb within /setup.cgi, where manipulating the mac_pc_dba argument causes a stack-based buffer overflow. Attack can be launched remotely and the exploit has been released publicly. The vendor notes the produc...

9CVSS7.8AI score0.00815EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/02 3:15 p.m.3 views

CVE-2026-5349

A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function addapcdb of the file /setup.cgi. The manipulation of the argument macpcdba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be...

9CVSS7.8AI score0.00772EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/04/02 3:15 p.m.15 views

CVE-2026-5349

Trendnet TEW-657BRM (1.00.1) is affected by CVE-2026-5349 via the function add_apcdb in /setup.cgi. The mac_pc_dba argument manipulation causes a stack-based buffer overflow, and the vulnerability can be triggered remotely. An exploit is publicly available. The vendor notes the product has been d...

9CVSS7.8AI score0.00772EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/02 3:15 p.m.18 views

CVE-2026-5349 Trendnet TEW-657BRM setup.cgi add_apcdb stack-based overflow

A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function addapcdb of the file /setup.cgi. The manipulation of the argument macpcdba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be...

9CVSS0.00772EPSS
Exploits1References4
Rows per page
Query Builder