Lucene search
K

15 matches found

CVE
CVE
added 2026/06/25 1:39 p.m.25 views

CVE-2026-47150

The advisory concerns EmberZNet v9.0.2 and earlier where malformed IAS Zone enrollment messages can trigger an out-of-bounds write to a state-table, terminating the process. The write’s size/location are bounded, and only messages from devices that have already joined the network affect devices s...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 1:39 p.m.30 views

CVE-2026-47150 IAS Zone enroll invalid table index and write in EmberZNet 9.0.2

In EmberZNet v9.0.2 and earlier, malformed IAS Zone enrollment messages can trigger an out-of-bounds state-table write and terminate the process. The size and location of this write is limited. These messages must come from a device that has already joined the network. Only devices supporting the...

7.1CVSS0.00217EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52403

Name of the Vulnerable Software and Affected Versions EmberZNet versions prior to 9.0.3 Description Malformed IAS Zone enrollment messages can trigger an out-of-bounds state-table write, which leads to process termination. This issue specifically affects devices that support the IAS Zone cluster...

7.1CVSS5.7AI score0.00217EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/09/21 12:0 a.m.14 views

FreeBSD : FreeBSD -- pf incorrectly matches different ICMPv6 states in the state table (f140cff0-771a-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f140cff0-771a-11ef-9a62-002590c1f29c advisory. In ICMPv6 Neighbor Discovery ND, the ID is always 0. When pf is configured to allow ND and block incomi...

6.3CVSS5.7AI score0.00462EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/11 2:33 a.m.10 views

CVE-2024-6640 pf incorrectly matches different ICMPv6 states in the state table

In ICMPv6 Neighbor Discovery ND, the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation NS can trigger an Echo Reply. The packet has to come from the same host as the NS and have a zero as identifier to...

6.9AI score0.00462EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/11 2:33 a.m.22 views

CVE-2024-6640 pf incorrectly matches different ICMPv6 states in the state table

In ICMPv6 Neighbor Discovery ND, the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation NS can trigger an Echo Reply. The packet has to come from the same host as the NS and have a zero as identifier to...

0.00462EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.4 views

SUSE CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

7.1CVSS8.2AI score0.32123EPSS
Exploits1References5
OSV
OSV
added 2021/01/13 12:0 a.m.14 views

OSV-2018-54 UNKNOWN READ in BEInt<short, 2>::operator short

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11305 Crash type: UNKNOWN READ Crash state: BEInt::operator short AAT::KerxSubTableFormat1::drivercontextt::transition void AAT::StateTableDriver::EntryDat...

7.2AI score
Exploits0References1
OSV
OSV
added 2008/10/20 5:59 p.m.6 views

AZL-6513 CVE-2008-4609 affecting package kernel for versions less than 5.10.78.1-1

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

7.1CVSS7.4AI score0.32123EPSS
Exploits1References1
OSV
OSV
added 2008/10/20 5:59 p.m.3 views

DEBIAN-CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

7.1CVSS6.7AI score0.32123EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2008/10/20 5:59 p.m.4 views

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

7.1CVSS5.6AI score0.32123EPSS
Exploits1References17
Cvelist
Cvelist
added 2008/10/20 5:0 p.m.27 views

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

6.1AI score0.32123EPSS
Exploits1References15
securityvulns
securityvulns
added 2005/08/14 12:0 a.m.29 views

Low security hole affecting Mentor&#39;s ADSLFR4II router

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've found a number of low risk issues with Mentor's ADSLFR4II router. I initially spoke to them on the 20th July, passing them full details of my findings on the 21st of July. I then emailed them again on the 4th of August asking for an update and...

7.2AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.17 views

CVE-2002-2150

Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as 1 TCP SYN flood, 2 UDP flood, or 3 Crikey CRC Flood, which causes the firewall to refuse any new connections...

5CVSS6.8AI score0.01986EPSS
Exploits0References3
securityvulns
securityvulns
added 2000/05/27 12:0 a.m.46 views

Security Vulnerability in IPFilter 3.3.15 and 3.4.3

Obfuscation Research Laboratories Security Advisory ORL-2000-05-19-01 IPFILTER FIREWALLS SYNOPSIS A weakness exists in the IPFilter firewalling package in all versions up to and including 3.3.15 and 3.4.3 that allows an attacker to penetrate the firewall when a common, yet admittedly flawed,...

7AI score
Exploits0
Rows per page
Query Builder