Lucene search
K

1466 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

The praecisparse function in ntpd/refclockpalisade.c, within NTP 4.2.8p15, contains an out-of-bounds write vulnerability. Any attack method would be complex, for example, using a manipulated GPS receiver...

6.4CVSS6.3AI score0.00521EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

In the file libntp/mstolfp.c, within the NTP 4.2.8p15 version, there is a buffer overflow vulnerability when adding a decimal point. An attacker may be able to exploit a client ntpq process, but they cannot exploit ntpd...

5.6CVSS6.9AI score0.00645EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when a \0' character is added. An adversary may be able to attack a client ntpq process, but they cannot attack the ntpd process...

5.6CVSS7.1AI score0.00645EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in NTP

In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, ntpd allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address. This occurs because transmissions are rescheduled even when a packet lacks a valid origin timestamp...

7.5CVSS6.2AI score0.02081EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - ice: Fixed the issue where calls to PF PTP cleanup the iceptpcleanuppf function and the pslock mutex deinitialization were missed during the error path when removing a driver. This issue could occur either at the driver prob...

6AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

In NTP versions 4.2.8, 4.2.8p15, and 4.3.x, before 4.3.101, remote attackers could cause a denial of service memory consumption by sending packets. This occurs because memory is not released in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file...

4.9CVSS6.1AI score0.03357EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ptp: Unregistering virtual clocks when unregistering a physical clock. When unregistering a physical clock that contains virtual clocks, the virtual clocks must also be unregistered. This fix resolves the following errors that...

5.5CVSS6.3AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: always set shared-phydev for LAN8814 Currently, during the LAN8814 PTP probe, shared-phydev is only set if the PTP clock is actually set. Otherwise, the function returns before setting it. This is a problem...

5.9AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Do not process extts if PTP is disabled The iceptpexttsevent function can race with iceptprelease, resulting in a NULL pointer dereferencing, which can lead to a kernel panic. A panic occurs because the iceptpexttsevent...

4.7CVSS5.8AI score0.00154EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fixed use-after-free bugs in otx2synctstamp. The original code relies on canceldelayedwork in otx2ptpDestroy, which does not ensure that the delayed work item synctstampwork has fully completed if it was already...

7.8CVSS6.5AI score0.00138EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: A memory barrier is required to ensure that the PTP WQ xmit submission tracking occurs after populating the metadatamap. Simply reordering the functions mlx5eptpmetadatamapput and mlx5eptpsqtrackmetadata within the...

5.5CVSS5.8AI score0.00227EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/19 6:19 p.m.11 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

8.8CVSS8.1AI score0.00828EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.9 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

8.8CVSS8.1AI score0.00828EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.10 views

GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay

A flaw was found in GStreamer. This out-of-bounds write vulnerability exists within the rtpqdm2depay element, specifically during the processing of X-QDM Real-time Transport Protocol RTP payload elements. A remote attacker can exploit this by providing malformed user-supplied data to the packetid...

8.8CVSS7.8AI score0.00806EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.9 views

CVE-2026-36741

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

7.2CVSS6AI score0.0209EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.14 views

EUVD-2026-30044

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

6AI score0.0209EPSS
Exploits1References3
NVD
NVD
added 2026/05/13 4:16 p.m.10 views

CVE-2026-36741

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

7.2CVSS0.0209EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:0 a.m.10 views

CVE-2026-36741

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

6AI score0.0209EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

U-SPEED AC1200 安全漏洞

The U-SPEED AC1200 is a Gigabit dual-band Wi-Fi router produced by the U-SPEED company. The U-SPEED AC1200 T18-21K V1.0 version contains a security vulnerability. This vulnerability arises from the incorrect handling of user input in the NTP configuration interface. As a result, authenticated use...

7.2CVSS5.9AI score0.0209EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.17 views

PT-2026-40706

Name of the Vulnerable Software and Affected Versions U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K version 1.0 Description The Network Time Protocol NTP configuration interface fails to properly sanitize user-supplied input. An authenticated user with permissions to modify NTP settings can...

7.2CVSS6.2AI score0.0209EPSS
Exploits1References4
Rows per page
Query Builder