Lucene search
K

901 matches found

Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.9 views

PT-2026-56265

Name of the Vulnerable Software and Affected Versions OpenWrt versions prior to 25.12.5 Description An integer underflow occurs in the handle send a function of the Emergency Access Daemon. An unauthenticated attacker on the local network can trigger this by sending a single crafted UDP packet,...

6.5CVSS6.1AI score0.00684EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53151

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to extract the SACK table for parsing Fix modification of the received skbuff in rxrpcinputsoftacks and a potential incorrect access of the buffer in a fragmented UDP packet the packet would probably hav...

9.8CVSS5.9AI score0.00497EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.20 views

SUSE CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

5.5CVSS5.7AI score0.00574EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/28 9:35 a.m.12 views

EUVD-2026-32760

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

5.7AI score0.00574EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.40 views

CVE-2026-46133 RDMA/rxe: Reject unknown opcodes before ICRC processing

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

7.5CVSS0.00574EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/26 12:0 a.m.12 views

EUVD-2026-31840

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References3
CVE
CVE
added 2026/05/26 12:0 a.m.25 views

CVE-2026-48684

CVE-2026-48684 affects FastNetMon Community Edition up to 1.2.9. The NetFlow v9 options-template parser has an out-of-bounds read in process_netflow_v9_options_template(), where the scope parsing loop and the options-field loop can read past the UDP packet buffer due to attacker-controlled option...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/26 12:0 a.m.9 views

CVE-2026-48684

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

6.5CVSS5.8AI score0.00264EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer during the udppackethandler call...

9.8CVSS7.1AI score0.0235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer value during the ncinputpacket call...

9.8CVSS7AI score0.02666EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in net-snmp

The handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP versions 5.8 through 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker who has write access to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

6.5CVSS6.8AI score0.52054EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/19 6:24 p.m.11 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

MiracleLinux 8 : corosync-3.1.8-1.el8_10.1 (AXSA:2026-593:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-593:02 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.6 views

RHEL 9 : corosync (RHSA-2026:14211)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14211 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

8.2CVSS6AI score0.00994EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2026/05/06 4:26 p.m.8 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

AlmaLinux 8 : corosync (ALSA-2026:13657)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13657 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References4
OSV
OSV
added 2026/05/05 12:0 a.m.9 views

ALSA-2026:13673 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.9 views

RHEL 8 : corosync (RHSA-2026:13657)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13657 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References7
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.11 views

SUSE CVE-2026-31633

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

9.8CVSS5.5AI score0.00469EPSS
Exploits0References3
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31633

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

9.8CVSS5.3AI score0.00469EPSS
Exploits0References1
Rows per page
Query Builder