Lucene search
K

7000 matches found

Nuclei
Nuclei
added 15 hours ago12 views

Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. id: CVE-2024-0801 info: name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll author: daffainfo severity: high description: | A denial of service vulnerability exists i...

7.5CVSS7.2AI score0.41843EPSS
Exploits1References2
Nuclei
Nuclei
added 2 days ago23 views

Arcserve UDP <= 9.0.6034 - Authentication Bypass

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute a...

9.8CVSS7.2AI score0.37715EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 4 days ago5 views

CVE-2026-53362

A flaw was found in the Linux kernel's ipv6 networking subsystem. An incorrect parameter length calculation allows an attacker with permissions to create UDP sockets to trigger overwrites of kernel memory, potentially leading to privilege escalation, data corruption, or a system crash. Mitigation...

7.8CVSS5.9AI score0.00176EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 6 days ago5 views

CVE-2026-11352

An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, a connected QUIC peer can...

7.5CVSS6.7AI score0.00756EPSS
Exploits1References3
CVE
CVE
added 2026/07/02 5:55 p.m.16 views

CVE-2026-58465

The CVE affects Eclipse Wakaama before snapshot/2026-05-26, with an unbounded memory allocation in the CoAP Block1 handler (coap/block.c). Unauthenticated remote attackers can exhaust memory by sending a sequence of Block1 PUT requests with incrementing block numbers to the registration endpoint ...

8.7CVSS6AI score0.00555EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/02 4:6 p.m.6 views

CVE-2026-55950

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/30 11:39 p.m.2 views

BIT-ENVOY-2026-48497 Envoy: Abnormal process termination in DNS UDP filter

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...

7.5CVSS5.8AI score0.00405EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.23 views

CVE-2026-13799

Use after free in QUIC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

0.00298EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:31 a.m.3 views

OPENSUSE-SU-2026:21184-1 Security update for coturn

This update for coturn fixes the following issues: Changes in coturn: - Update to version 4.14.0 New No more dependency on prometheus-client-c HTTPS support for prometheus client optional TLS support for redis - now compatible with managed redis optional. Rate limiting "401 Unauthorized" response...

7.7CVSS7.4AI score0.00363EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53184

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratc...

7.5CVSS6AI score0.00506EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 7:58 p.m.3 views

GHSA-QH5X-RFWF-RVFV Hysteria vulnerable to server crash when max_datagram_frame_size very small

Summary An authenticated client can crash the Hysteria server by advertising a very small QUIC maxdatagramframesize and then triggering a UDP response from the server. When the server tries to send the UDP response back via QUIC DATAGRAM, quic-go returns DatagramTooLargeError. The server then...

7.5CVSS5.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 7:1 a.m.6 views

CVE-2026-53151

A flaw was found in the Linux kernel's AFRXRPC subsystem. This vulnerability involves incorrect handling of fragmented UDP packets when parsing the SACK Selective Acknowledgment table. An attacker could potentially craft a fragmented UDP packet to trigger an incorrect buffer access within the...

9.8CVSS5.9AI score0.00497EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:42 p.m.5 views

CVE-2026-53184

A flaw was found in the Linux kernel. When a User Datagram Protocol UDP socket is configured with a sockmap, and a BPF Berkeley Packet Filter program attached to it calls a socket-lookup helper, the skb-dev field is not properly cleared. This improper handling of the skb-dev field can lead to a...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53184

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

7.5CVSS0.00506EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53184

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

7.5CVSS5.7AI score0.00506EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39326

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

5.7AI score0.00466EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.28 views

CVE-2026-53184 udp: clear skb->dev before running a sockmap verdict

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

7.5CVSS0.00506EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39275

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

5.7AI score0.00506EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53151

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to extract the SACK table for parsing Fix modification of the received skbuff in rxrpcinputsoftacks and a potential incorrect access of the buffer in a fragmented UDP packet the packet would probably hav...

9.8CVSS5.9AI score0.00497EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.11 views

CVE-2026-53151

CVE-2026-53151 concerns the Linux kernel AF_RXRPC subsystem, where legacy parsing of the SACK table could trigger an invalid buffer access when processing fragmented UDP packets. The fix updates rxrpc_input_soft_acks() and rxrpc_input_ack() logic so that SACK contents are not copied into a flat b...

9.8CVSS6AI score0.00497EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder