Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 ██████╗██╗ ██╗███████╗ ██╗ ██╗ ██╗...

Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. id: CVE-2024-0801 info: name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll author: daffainfo severity: high description: | A denial of service vulnerability exists i...

Arcserve UDP <= 9.0.6034 - Authentication Bypass

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute a...

PT-2026-45842

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple packet parser ng.cpp, after validating that the packet contains at least sizeofipv4 header t bytes 20 bytes, the code advances the local pointer by '4 ipv4 header-get ihl' line 164...

Debian dla-4608 : corosync - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4608 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4608-1 [email protected]...

One (Thread) Can Keep a (PRNG) Secret, but Not Two

We present a novel, practical attack on the IPv6 Fragment ID generation algorithm of XNU, which is the kernel used by Apple products such as macOS and iOS. This attack exploits a race-condition vulnerability in the algorithm's pseudorandom number generator PRNG to cryptanalytically break, learn t...

RLSA-2026:19043 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...

corosync security update

An update is available for corosync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The corosync packages provide the Corosync Cluster Engine and C APIs for...

OESA-2026-2495 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udpsock to a local address and port, UDP uses two hashes udptable-hash and udptable-hash2 f...

SUSE CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

RockyLinux 9 : corosync (RLSA-2026:19200)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19200 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer...

CVE-2026-39929

Lakeside SysTrack Agent versions prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, 11.5.0.15 contain an out-of-bounds read vulnerability in the Command ID 30 UDP packet handler that allows remote attackers to crash the application by sending a specially crafted UDP packet. Attackers can send a malformed...

CVE-2026-46133

A flaw was found in the Linux kernel's Soft RoCE RDMA/rxe driver. An unauthenticated remote attacker can send a specially crafted UDP packet with an unknown opcode to trigger an out-of-bounds read. This vulnerability can lead to a kernel panic, effectively causing a Denial of Service DoS on the...

RLSA-2026:19200 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...

CVE-2026-46133 RDMA/rxe: Reject unknown opcodes before ICRC processing

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

EUVD-2026-32760

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

SUSE CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

CVE-2026-45859

The CVE-2026-45859 entry describes a Linux kernel netfilter nfnetlink_queue issue where a shared-unconfirmed nf_conn entry is not checked before segmentation, causing UDP packets to be dropped instead of queued when F_GSO is not set and a GSO packet arrives. The regression arose due to the check ...

CVE-2026-45859 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...

CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...