Lucene search
K

9096 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-29008

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS0.00432EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-29008 U-Boot 2026.04-rc3 Integer Underflow DoS via tcp_rx_state_machine()

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS0.00432EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 6 days ago3 views

CVE-2026-29008 U-Boot 2026.04-rc3 Integer Underflow DoS via tcp_rx_state_machine()

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6AI score0.00432EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42332

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6AI score0.00432EPSS
Exploits0References3
OSV
OSV
added 6 days ago4 views

CVE-2026-29008 U-Boot 2026.04-rc3 Integer Underflow DoS via tcp_rx_state_machine()

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6.1AI score0.00432EPSS
Exploits0References7
CVE
CVE
added 6 days ago10 views

CVE-2026-29008

U-Boot 2026.04-rc3 contains a vulnerability in tcp_rx_state_machine() (net/tcp.c) that can crash the bootloader via a malformed TCP SYN+ACK with manipulated data offset, causing payload_len to become negative. The negative value is implicitly converted to a large unsigned integer and passed to me...

8.7CVSS6AI score0.00432EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56475

Name of the Vulnerable Software and Affected Versions U-Boot versions prior to 2026.04-rc3 Description An integer underflow exists in the tcp rx state machine function within net/tcp.c. A network-adjacent attacker can trigger this by sending a malformed TCP SYN+ACK packet with a manipulated data...

8.7CVSS6AI score0.00432EPSS
Exploits0References7
Amazon
Amazon
added 6 days ago7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit CVE-2026-23449 In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes CVE-2026-31449 In the Linux...

9.8CVSS6AI score0.00742EPSS
Exploits0
NVD
NVD
added last week8 views

CVE-2026-55490

OpenWrt is a Linux operating system targeting embedded devices. Before v25.12.5, an integer underflow in handlesenda of the Emergency Access Daemon allows any unauthenticated attacker on the local network to crash the daemon by sending a single crafted UDP packet. The message length underflows...

6.5CVSS0.00684EPSS
Exploits1References3
Cvelist
Cvelist
added last week26 views

CVE-2026-55490 OpenWrt: EAD Integer Underflow → Pre-Auth Denial of Service

OpenWrt is a Linux operating system targeting embedded devices. Before v25.12.5, an integer underflow in handlesenda of the Emergency Access Daemon allows any unauthenticated attacker on the local network to crash the daemon by sending a single crafted UDP packet. The message length underflows...

6.5CVSS0.00684EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-55490

OpenWrt is a Linux operating system targeting embedded devices. Before v25.12.5, an integer underflow in handlesenda of the Emergency Access Daemon allows any unauthenticated attacker on the local network to crash the daemon by sending a single crafted UDP packet. The message length underflows...

6.5CVSS6AI score0.00684EPSS
Exploits1References4Affected Software1
CVE
CVE
added last week9 views

CVE-2026-55490

OpenWrt OpenWrt (embedded Linux) mediateces: CVE-2026-55490 affects the Emergency Access Daemon’s handle_send_a() where an integer underflow can lead to a pre-auth DoS by an unauthenticated attacker on the local network via a crafted UDP packet. The underflow causes a bounds-check misstep, then a...

6.5CVSS6AI score0.00684EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/07 6:11 a.m.3 views

Security Bulletin: Security vulnerabilities have been found in IBM Application Gateway

Summary Security vulnerabilities have been addressed in IBM Application Gateway Vulnerability Details CVEID:CVE-2026-40355 DESCRIPTION: In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism...

7.5CVSS6AI score0.00501EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.9 views

PT-2026-56265

Name of the Vulnerable Software and Affected Versions OpenWrt versions prior to 25.12.5 Description An integer underflow occurs in the handle send a function of the Emergency Access Daemon. An unauthenticated attacker on the local network can trigger this by sending a single crafted UDP packet,...

6.5CVSS6.1AI score0.00684EPSS
Exploits1References8
Amazon
Amazon
added 2026/07/07 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare CVE-2026-43303 In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl CVE-2026-43492 In...

9.8CVSS6.3AI score0.00675EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/07/06 2:31 p.m.4 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.9AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:59 a.m.4 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.9AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:29 a.m.3 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.9AI score0.00514EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/02 8:58 a.m.6 views

CVE-2026-54257

A flaw was found in Electron, a framework for building cross-platform desktop applications. The Buffer implementation performs incorrect byte length calculations, resulting in a heap buffer underflow or overflow. An attacker could exploit this flaw to cause an application crash or trigger incorre...

9.3CVSS6.1AI score0.00253EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 12:0 a.m.5 views

UBUNTU-CVE-2026-20214

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG...

7.5CVSS7AI score0.00463EPSS
Exploits0References4
Rows per page
Query Builder