41 matches found
PT-2026-36474
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6 CSUM GSO fallback NETIF F IPV6 CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto softwar...
CLSA-2026-1774947708 squid: Fix of 3 CVEs
CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking sensitive information - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS...
SUSE CVE-2026-33515
Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding...
Cisco Secure Firewall Threat Defense 安全漏洞
Cisco Secure Firewall Threat Defense is an integrated firewall platform from Cisco USA. A security vulnerability exists in Cisco Secure Firewall Threat Defense that stems from improper traffic handling and could lead to a denial of service attack...
F5 BIG-IP APM 安全漏洞
F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A security vulnerability exists in F5 BIG-IP APM that stems from configuring network access without properly handling specific traffic, which...
redis: Redis Unauthenticated Denial of Service
A flaw was found in Redis. Unauthenticated connections can trigger repeated IP protocol errors, leading to client starvation and an application-level denial of service. This flaw allows an attacker to induce this condition without authentication. This issue results in a denial of service conditio...
redis: Redis Unauthenticated Denial of Service
A flaw was found in Redis. Unauthenticated connections can trigger repeated IP protocol errors, leading to client starvation and an application-level denial of service. This flaw allows an attacker to induce this condition without authentication. This issue results in a denial of service conditio...
redis: Redis Unauthenticated Denial of Service
A flaw was found in Redis. Unauthenticated connections can trigger repeated IP protocol errors, leading to client starvation and an application-level denial of service. This flaw allows an attacker to induce this condition without authentication. This issue results in a denial of service conditio...
CVE-2025-38278
CVE-2025-38278 affects the Linux kernel’s octeontx2-pf QoS code path. The issue arises in the TC_HTB_LEAF_DEL_LAST callback handling, where on reboot the interface can reassign the same HTB leaf queue to its parent while still updating the number of queues, triggering the warning “New queues can'...
CVE-2025-38278 octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TCHTBLEAFDELLAST callback This patch addresses below issues, 1. Active traffic on the leaf node must be stopped before its send queue is reassigned to the parent. This patch resolves the issue by marki...
CVE-2022-49695
The CVE-2022-49695 entry affects the Linux kernel igb driver (igb_clean_tx_ring) and is a use-after-free bug triggered when the NIC is in XDP mode. The issue can occur when traffic is redirected to the igb NIC and the device is closed while traffic is flowing. It has been fixed in the kernel (see...
CVE-2024-20351
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense FTD Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service DoS...
Denial Of Service (DoS)
github.com/cilium/cilium is vulnerable to Denial Of Service DoS. The vulnerability is due to a flaw in Cilium's handling of DNS traffic when configured to proxy it in a Kubernetes cluster, allowing an attacker to send a crafted DNS response to workloads outside the cluster, causing Cilium agents ...
CVE-2024-6249
Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The...
CVE-2024-6249
Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The...
CVE-2024-6249 Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The...
CVE-2024-6249 Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The...
CVE-2024-20351
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense FTD Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service DoS...
CVE-2024-20351 Cisco Firepower Threat Defense Software Snort Firewall Denial of Service Vulnerability
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense FTD Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service DoS...
Network Policy Bypass
github.com/cilium/cilium is vulnerable to Network Policy Bypass. The vulnerability is due to the inherent design of ICMP traffic handling in conjunction with specific network policy settings in Cilium, allows ICMP Echo Requests to bypass intended restrictions...