17 matches found
CVE-2026-9539
An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...
Astra Linux – Vulnerability in open-iscsi
A issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data. It...
EUVD-2024-52827
Malicious code in bioql PyPI...
SUSE CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
VulnCheck KEV: CVE-2019-12263
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component issue 4 of 4. There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
CVE-2024-55629 affects Suricata prior to 7.0.8, where TCP urgent data handling could cause data to be analyzed differently than at endpoints, enabling evasions. In IPS mode, administrator can drop urgent-data packets via rules (e.g., tcp.flags:U*). The issue is addressed in Suricata 7.0.8 and lat...
RHEL 6 : open-iscsi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Open-iSCSI: invalid handing of the TCP urgent data pointer CVE-2020-17437 - An issue was discovered in...
RHEL 5 : open-iscsi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Open-iSCSI: invalid handing of the TCP urgent data pointer CVE-2020-17437 - An issue was discovered in...
CVE-2021-31400
An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...
CVE-2019-12260
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component issue 2 of 4. This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option...
CVE-2019-12255
Wind River VxWorks has a Buffer Overflow in the TCP component issue 1 of 4. This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow...
Race condition
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component issue 4 of 4. There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition...
USN-3265-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-7374 Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation G...