CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

610 matches found

OSV•added 2026/05/05 9:12 p.m.•1 views

GHSA-GRGV-6HW6-V9G4 Twisted has a Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer Chains

Details The twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending a crafted TCP DNS packet containing deeply chained compression pointers. This flaw bypasses previo...

7.5CVSS5.9AI score0.00024EPSS

Exploits1References4

Github Security Blog•added 2026/04/07 8:13 p.m.•8 views

netavark has incorrect error handling for malformed tcp packets

Impact A truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. Patches https://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1 Workarounds None Credits Thanks to @dkane01 for reporti...

7.5CVSS5.9AI score0.00014EPSS

Exploits0References5Affected Software1

CVE•added 2026/01/15 8:27 p.m.•6 views

CVE-2026-21918

CVE-2026-21918 describes a Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series. The issue allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) by sending a specific sequence of TCP packets during session...

8.7CVSS6.5AI score0.00021EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/01/09 11:54 a.m.•1 views

CVE-2009-4921

Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allow remote attackers to cause a denial of service traceback via malformed TCP packets, aka Bug ID CSCsm84110...

7.8CVSS7.1AI score0.00811EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:46 a.m.•6 views

CVE-2022-31291

An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...

7.5CVSS6.7AI score0.00103EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:56 a.m.•10 views

CVE-2023-40718

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets...

7.5CVSS6.7AI score0.00031EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:50 a.m.•4 views

CVE-2021-31889

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions, SIMOTICS CONNECT 400 All versions V0.5.0.0. Malformed TCP packets with a corrupted SACK option leads to Information Lea...

9.1CVSS6.5AI score0.01577EPSS

Exploits0References1

NVD•added 2025/12/22 4:16 a.m.•1 views

CVE-2025-59301

Delta Electronics DVP15MC11T lacks proper validation of the modbus/tcp packets and can lead to denial of service...

7.5CVSS0.0004EPSS

Exploits0References1

NVD•added 2025/11/11 9:15 p.m.•1 views

CVE-2025-40815

A vulnerability has been identified in LOGO! 12/24RCE 6ED1052-1MD08-0BA2 All versions, LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 All versions, LOGO! 230RCE 6ED1052-1FB08-0BA2 All versions, LOGO! 230RCEo 6ED1052-2FB08-0BA2 All versions, LOGO! 24CE 6ED1052-1CC08-0BA2 All versions, LOGO! 24CEo...

8.6CVSS0.00056EPSS

Exploits0References1