Lucene search
K

1471 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42645

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL fiel...

7.5CVSS6.4AI score0.00402EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 5:16 p.m.10 views

CVE-2026-10655

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS0.00254EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 4:33 p.m.5 views

CVE-2026-10655

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/06/30 4:33 p.m.16 views

CVE-2026-10655

Concrete details found: Zephyr’s asynchronous SNTP client (sntp_close_async) can race with the socket service poll thread. Closing the UDP socket descriptor from a different thread (SNTP timeout path) may free and reuse net_context while the poll thread holds a poller node, causing a use-after-fr...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53222

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ptp: ocp: fix resource freeing order Commit a60fc3294a37 ptp: rework ptpclockunregister to disable events added a call to ptpdisableallevents which changes the...

5.5CVSS6.1AI score0.00107EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 7:54 p.m.24 views

CVE-2026-32833

CVE-2026-32833 affects Cudy LT300 3.0 firmware prior to 2.5.12. The vulnerability arises in the system time configuration interface, where an authenticated attacker can inject shell metacharacters into the cbid.system.ntp.current POST parameter via the NTP settings endpoint, enabling remote code ...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:54 p.m.7 views

EUVD-2026-39862

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 11:32 p.m.8 views

CVE-2026-52971

A flaw was found in the Linux kernel's Elastic Network Adapter ENA driver, specifically within the Precision Time Protocol Hardware Clock PHC timestamp retrieval function. A race condition exists where the gettimestamp function could attempt to access memory that has already been freed by the...

7.8CVSS5.7AI score0.00133EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53222

In the Linux kernel, CVE-2026-53222 relates to the ptp: ocp driver. The root cause was use-after-free during driver removal caused by freeing resources in ptp_ocp_detach() before ptp_clock_unregister(), after a change that disables events via ptp_disable_all_events(). The fix changes the free/unr...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53222

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix resource freeing order Commit a60fc3294a37 "ptp: rework ptpclockunregister to disable events" added a call to ptpdisableallevents which changes the configuration of pins if they support EXTTS events. In ptpocpdetach...

5.5CVSS5.6AI score0.00107EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52317

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists during driver removal in the Precision Time Protocol PTP OCP implementation. The ptp ocp detach function frees pin resources before calling ptp clock...

5.5CVSS5.9AI score0.00107EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.29 views

CVE-2026-52971 net: ena: PHC: Fix potential use-after-free in get_timestamp

In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...

7.8CVSS0.00133EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer rtpqdm2depay: Heap-based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...

8.8CVSS7.4AI score0.00828EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: stmmac – ensure that ptprate is not set to 0 before configuring EST. If the value of ptprate, which was previously recorded in the driver, happens to be 0, this invalid value will be propagated up to the EST configuration,...

5.5CVSS5.7AI score0.00158EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.11 views

Oracle Linux 9 : kernel (ELSA-2026-19225)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19225 advisory. - xfrm: esp: avoid in-place decrypt on shared skb frags Sabrina Dubroca RHEL-174563 CVE-2026-43284 - crypto: authencesn - Do not place hiseq at end of...

8.8CVSS7.2AI score0.96267EPSS
Exploits265References5
OSV
OSV
added 2026/06/22 1:8 p.m.3 views

OPENSUSE-SU-2026:21145-1 Security update for mbedtls-2

This update for mbedtls-2 fixes the following issues: Changes in mbedtls-2: - Enable SRTP and DTLS protocols needed by some software. - Update to version 2.28.10: Default behavior changes In TLS clients, if mbedtlssslsethostname has not been called, mbedtlssslhandshake now fails with...

5.4CVSS6AI score0.00274EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/16 9:32 p.m.12 views

EUVD-2026-37190

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.6AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.8 views

EUVD-2026-37213

In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

6AI score0.00173EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 p.m.11 views

CVE-2026-0165

In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.7CVSS0.00171EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 8:16 p.m.10 views

CVE-2026-0156

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS0.00211EPSS
Exploits0References1
Rows per page
Query Builder