956 matches found
CVE-2026-12848 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...
CVE-2026-12847 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...
CVE-2026-12485
Geovision GV-I/O Box 4E DVR exists with DVRSearch CMD_IP_SET buffer overflow vulnerabilities that allow arbitrary code execution via a crafted UDP/network request. Talos confirms multiple stack-based buffer overflows in CMD_IP_SET (affecting GV-I/O Box 4E versions 2.09), caused by unsafe copying ...
Exploit for Stack-based Buffer Overflow in Microsoft
CVE-2026-41089 !TIP If the setup does not start, add t...
Exploit for Stack-based Buffer Overflow in Microsoft
CVE-2026-41089 !TIP If the setup does not start, add t...
Exploit for Stack-based Buffer Overflow in Microsoft
CVE-2026-41089 ██████╗██╗ ██╗███████╗ ██╗ ██╗ ██╗...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Added mutual exclusion in procsctpdoudpport. We must serialize calls to sctpudpsockstop and sctpudpsockstart, or risk a crash, as syzbot reported: Oops: General protection fault, likely due to a non-canonical address...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw in the processing of received ICMP errors such as ICMP fragments and ICMP redirections within the Linux kernel’s functionality was identified. This flaw allows an off-path remote user to quickly scan open UDP ports. This vulnerability enables a remote user to bypass the UDP source port...
CVE-2026-41429
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...
PT-2026-35072
Name of the Vulnerable Software and Affected Versions arduino-esp32 versions prior to 3.3.8 Description A remotely reachable memory corruption issue exists in the NBNS packet handling path. When NetBIOS is enabled via the NBNS.begin function, the device listens on UDP port 137 and processes...
CVE-2021-27393
A vulnerability has been identified in Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2013.08, Nucleus Source Code Versions including affected DNS modules. The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS...
CVE-2026-27476
RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...
CVE-2026-27476 RustFly 2.0.0 Command Injection via UDP Remote Control
RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...
CVE-2026-27182 Saturn Remote Mouse Server UDP Command Injection RCE
Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send malformed packets with unsanitized command data that the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001466)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001466 advisory. A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001372)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001372 advisory. A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002322)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002322 advisory. The netgetrandomonce implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended...
CVE-2022-33989
dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...
CVE-2022-37886
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks AP management protocol UDP port 8211. Successful exploitation of these vulnerabilities result...
CVE-2024-41660
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon o...