Lucene search
K

899 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in net-snmp

The handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP versions 5.8 through 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker who has write access to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

6.5CVSS6.8AI score0.52054EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.19 views

SUSE CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

5.5CVSS5.7AI score0.00574EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 9:35 a.m.10 views

EUVD-2026-32760

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

5.7AI score0.00574EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.35 views

CVE-2026-46133 RDMA/rxe: Reject unknown opcodes before ICRC processing

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

7.5CVSS0.00574EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/26 12:0 a.m.11 views

EUVD-2026-31840

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References3
CVE
CVE
added 2026/05/26 12:0 a.m.21 views

CVE-2026-48684

CVE-2026-48684 affects FastNetMon Community Edition up to 1.2.9. The NetFlow v9 options-template parser has an out-of-bounds read in process_netflow_v9_options_template(), where the scope parsing loop and the options-field loop can read past the UDP packet buffer due to attacker-controlled option...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/26 12:0 a.m.7 views

CVE-2026-48684

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

6.5CVSS5.8AI score0.00264EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer value during the ncinputpacket call...

9.8CVSS7AI score0.02666EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer during the udppackethandler call...

9.8CVSS7.1AI score0.02331EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 6:24 p.m.10 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

MiracleLinux 8 : corosync-3.1.8-1.el8_10.1 (AXSA:2026-593:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-593:02 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.5 views

RHEL 9 : corosync (RHSA-2026:14211)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14211 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

8.2CVSS6AI score0.00994EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2026/05/06 4:26 p.m.7 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

AlmaLinux 8 : corosync (ALSA-2026:13657)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13657 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References4
OSV
OSV
added 2026/05/05 12:0 a.m.8 views

ALSA-2026:13673 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.6 views

RHEL 8 : corosync (RHSA-2026:13657)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13657 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References7
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.3 views

SUSE CVE-2026-31633

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

9.8CVSS5.5AI score0.00469EPSS
Exploits0References3
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31633

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

9.8CVSS5.3AI score0.00469EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 2:44 p.m.7 views

EUVD-2026-25526

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

5.4AI score0.00469EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/24 2:44 p.m.33 views

CVE-2026-31633 rxrpc: Fix integer overflow in rxgk_verify_response()

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

9.8CVSS0.00469EPSS
Exploits0References3
Rows per page
Query Builder