Lucene search
K

132 matches found

OSV
OSV
added last week3 views

CVE-2026-15168 Use of Uninitialized Variable in Wireshark

BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure...

2.5CVSS6.1AI score0.00102EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added last week4 views

CVE-2026-15173

pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service...

5.5CVSS6.1AI score0.00089EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.9 views

PT-2026-56591

Name of the Vulnerable Software and Affected Versions ciscodump versions 4.6.0 through 4.6.6 ciscodump versions 4.4.0 through 4.4.16 Description A crash in the software allows for a denial of service, which occurs when the system becomes unavailable to users. There are reports of this issue being...

7.5CVSS6.1AI score0.00097EPSS
Exploits1References5
CVE
CVE
added 2026/06/15 4:54 p.m.43 views

CVE-2026-47777

Affected product: Mastodon (open-source social network server). Vulnerable component: remote Collections feature logic for consent verification. Root cause: missing condition to ensure the FeatureAuthorization object on a remote account actually matches the Collection item, allowing forging of co...

7.5CVSS5.4AI score0.00167EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in libslirp

An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the bootpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘bootpt’ structure. A malicious guest could exploit this flaw to leak...

3.8CVSS6.7AI score0.00326EPSS
Exploits0References2
OSV
OSV
added 2026/05/09 12:32 p.m.8 views

OESA-2026-2228 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...

7.8CVSS6.1AI score0.00206EPSS
Exploits37References38
Cvelist
Cvelist
added 2026/04/30 11:4 p.m.38 views

CVE-2026-5403 Heap-based Buffer Overflow in Wireshark

SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution...

7.8CVSS0.00161EPSS
Exploits1References2
CVE
CVE
added 2026/04/30 11:3 p.m.16 views

CVE-2026-5656

CVE-2026-5656 affects Wireshark profiles import in Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14, due to improper restriction of a pathname to a restricted directory (path traversal). The issue can lead to denial of service and possible code execution. CVSS v3.1: AV Local, AC High, PR None, UI Required,...

7.8CVSS5.8AI score0.0018EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/04/30 7:16 a.m.8 views

UBUNTU-CVE-2026-6529

iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.00125EPSS
Exploits1References4
OSV
OSV
added 2026/04/30 7:16 a.m.6 views

UBUNTU-CVE-2026-6532

Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.00195EPSS
Exploits1References4
OSV
OSV
added 2026/04/30 7:16 a.m.11 views

UBUNTU-CVE-2026-5655

SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service...

7.5CVSS5.8AI score0.00206EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/30 5:39 a.m.15 views

EUVD-2026-26324

AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00206EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 5:36 a.m.4 views

CVE-2026-6528

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service...

5.5CVSS5.2AI score0.00141EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/30 5:34 a.m.2 views

CVE-2026-6526

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

5.5CVSS5.2AI score0.00124EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2026/04/30 12:0 a.m.6 views

CVE-2026-5407

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.00138EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/04/30 12:0 a.m.6 views

CVE-2026-6536

DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4...

5.5CVSS5.8AI score0.0018EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/04/30 12:0 a.m.6 views

CVE-2026-6528

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service...

5.5CVSS5.8AI score0.00141EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 3:15 p.m.6 views

Security Bulletin: IBM Application Modernization Accelerator is vulnerable to multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to...

8.7CVSS5.8AI score0.00663EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2026/04/10 12:0 a.m.3 views

Dell AppSync elevation of privilege vulnerability (CNVD-2026-17277)

Dell AppSync is a data replication management application from Dell USA. An elevation of privilege vulnerability exists in Dell AppSync version 4.6.0. The vulnerability stems from improper assignment of critical resource privileges and can be exploited by an attacker to cause elevation of privile...

7.3CVSS5.8AI score0.00127EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/03 11:2 p.m.9 views

CVE-2026-34598

YesWiki is a wiki system written in PHP. Prior to version 4.6.0, a stored and blind XSS vulnerability exists in the form title field. A malicious attacker can inject JavaScript without any authentication via a form title that is saved in the backend database. When any user visits that injected...

7.1CVSS5.8AI score0.00213EPSS
Exploits1References1
Rows per page
Query Builder