Lucene search
+L

7 matches found

osv
osv
added 2026/06/25 10:34 p.m.6 views

GO-2026-5552 OliveTin has Unvalidated `ot_`-prefixed Arguments that Bypass Input Filtering in github.com/OliveTin/OliveTin

OliveTin has Unvalidated ot-prefixed Arguments that Bypass Input Filtering in github.com/OliveTin/OliveTin...

5.8AI score
Exploits0References2
nvd
nvd
added 2026/05/26 4:16 p.m.19 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS0.00565EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2026/05/26 4:16 p.m.14 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.3AI score0.00565EPSS
Exploits0References7
debiancve
debiancve
added 2026/05/26 12:0 a.m.12 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.4AI score0.00565EPSS
Exploits0
euvd
euvd
added 2026/05/26 12:0 a.m.14 views

EUVD-2026-31842

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.4AI score0.00565EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/08 1:19 p.m.32 views

CVE-2026-41496 PraisonAI: SQL Injection via unvalidated `table_prefix` in 9 conversation store backends (incomplete fix for CVE-2026-40315)

PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.9 and praisonaiagents version 1.6.9, the fix for CVE-2026-40315 added input validation to SQLiteConversationStore only. Nine sibling backends — MySQL, PostgreSQL, async SQLite/MySQL/PostgreSQL, Turso, SingleStore, Supabase,...

8.1CVSS0.00347EPSS
Exploits2References1
osv
osv
added 2022/08/04 8:35 p.m.8 views

CVE-2022-35927 Unverified DIO prefix info lengths in RPL-Classic in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option DIO control message can contain a prefix information option with a length parameter. The value...

8.1CVSS7.1AI score0.0167EPSS
Exploits0References5
Rows per page
Query Builder