Lucene search
K

956 matches found

Cvelist
Cvelist
added 2026/06/24 3:34 a.m.34 views

CVE-2026-12848 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:34 a.m.33 views

CVE-2026-12847 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00427EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 3:34 a.m.13 views

CVE-2026-12485

Geovision GV-I/O Box 4E DVR exists with DVRSearch CMD_IP_SET buffer overflow vulnerabilities that allow arbitrary code execution via a crafted UDP/network request. Talos confirms multiple stack-based buffer overflows in CMD_IP_SET (affecting GV-I/O Box 4E versions 2.09), caused by unsafe copying ...

10CVSS6.2AI score0.00436EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/09 3:31 p.m.60 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.72253EPSS
Exploits31
GithubExploit
GithubExploit
added 2026/06/06 1:21 p.m.69 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.72253EPSS
Exploits31
GithubExploit
GithubExploit
added 2026/06/04 2:39 p.m.102 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 ██████╗██╗ ██╗███████╗ ██╗ ██╗ ██╗...

9.8CVSS6.2AI score0.72253EPSS
Exploits31
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Added mutual exclusion in procsctpdoudpport. We must serialize calls to sctpudpsockstop and sctpudpsockstart, or risk a crash, as syzbot reported: Oops: General protection fault, likely due to a non-canonical address...

5.5CVSS6.5AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw in the processing of received ICMP errors such as ICMP fragments and ICMP redirections within the Linux kernel’s functionality was identified. This flaw allows an off-path remote user to quickly scan open UDP ports. This vulnerability enables a remote user to bypass the UDP source port...

7.4CVSS6.7AI score0.06846EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/24 7:19 p.m.7 views

CVE-2026-41429

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...

8.8CVSS5.6AI score0.00307EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.11 views

PT-2026-35072

Name of the Vulnerable Software and Affected Versions arduino-esp32 versions prior to 3.3.8 Description A remotely reachable memory corruption issue exists in the NBNS packet handling path. When NetBIOS is enabled via the NBNS.begin function, the device listens on UDP port 137 and processes...

8.8CVSS5.5AI score0.00307EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/27 2:25 p.m.61 views

CVE-2021-27393

A vulnerability has been identified in Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2013.08, Nucleus Source Code Versions including affected DNS modules. The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS...

5.3CVSS6.8AI score0.00751EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 1:28 a.m.7 views

CVE-2026-27476

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

9.8CVSS6.1AI score0.02628EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/02/19 8:43 p.m.3 views

CVE-2026-27476 RustFly 2.0.0 Command Injection via UDP Remote Control

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

9.8CVSS6.2AI score0.02628EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/18 8:59 p.m.25 views

CVE-2026-27182 Saturn Remote Mouse Server UDP Command Injection RCE

Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send malformed packets with unsanitized command data that the...

8.6CVSS0.01209EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001372)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001372 advisory. A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass...

7.4CVSS7.2AI score0.06692EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001466)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001466 advisory. A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly...

7.4CVSS6.7AI score0.06846EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002322 advisory. The netgetrandomonce implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended...

6.4CVSS6.3AI score0.03751EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.12 views

CVE-2022-33989

dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

5.3CVSS7.1AI score0.00794EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.11 views

CVE-2022-37886

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks AP management protocol UDP port 8211. Successful exploitation of these vulnerabilities result...

9.8CVSS9AI score0.01349EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.7 views

CVE-2024-41660

slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon o...

9.8CVSS9.5AI score0.00856EPSS
Exploits0References1
Rows per page
Query Builder