35 matches found
CVE-2026-9539
An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...
UBUNTU-CVE-2026-9539
An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...
CVE-2026-9539
CVE-2026-9539 affects freedesktop.org libslirp (prior to v4.9.2) used on hypervisor host environments (e.g., QEMU). A vulnerability in the TCP urgent data handling (sosendoob) can cause an out-of-bounds heap read and integer underflow, enabling a privileged guest VM attacker (root or CAP_NET_RAW)...
EUVD-2026-38654
An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...
CVE-2026-9539
An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...
EUVD-2021-18310
Malware in sbrugna...
EUVD-2020-9464
Malware in sbrugna...
EUVD-2024-52827
Malicious code in bioql PyPI...
SUSE CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
DEBIAN-CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
UBUNTU-CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
CVE-2024-55629 affects Suricata prior to 7.0.8, where TCP urgent data handling could cause data to be analyzed differently than at endpoints, enabling evasions. In IPS mode, administrator can drop urgent-data packets via rules (e.g., tcp.flags:U*). The issue is addressed in Suricata 7.0.8 and lat...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
RHEL 5 : open-iscsi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Open-iSCSI: invalid handing of the TCP urgent data pointer CVE-2020-17437 - An issue was discovered in...
RHEL 6 : open-iscsi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Open-iSCSI: invalid handing of the TCP urgent data pointer CVE-2020-17437 - An issue was discovered in...
telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code
A vulnerability was found where incorrect bounds checks in the telnet server’s telnetd handling of short writes and urgent data, could lead to information disclosure and corruption of heap data. An unauthenticated remote attacker could exploit these bugs by sending specially crafted telnet packet...