Lucene search
K

547 matches found

CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Neat VNC 安全漏洞

Neat VNC is a freely licensed VNC server library developed by Andri Yngvason. Versions of Neat VNC prior to 0.9.6 contained security vulnerabilities. These vulnerabilities stemmed from a buffer overflow in the RSA-AES security processor, which could allow unauthenticated remote attackers to cause...

9.3CVSS6.1AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/06 11:40 p.m.8 views

CVE-2026-43260

A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/06 8:38 p.m.13 views

CVE-2026-40243 Incus OVN TLS verification accepts peer-supplied roots and permits endpoint impersonation

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

2.3CVSS5.8AI score0.00173EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/05/06 8:38 p.m.16 views

CVE-2026-40243

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

4.8CVSS5.8AI score0.00173EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.7 views

CVE-2026-43260

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

5.8AI score0.00138EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.30 views

CVE-2026-43260

The CVE concerns the bnxt_en driver in the Linux kernel. The vulnerability stems from RSS context deletion logic that could leak VNICs in firmware when deleting RSS contexts with the interface down, leading to failures when re-opening and restoring RSS contexts. The fix removes the netif_running(...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.7 views

CVE-2026-43094

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: add missing negotiatefeatures op to Hyper-V ops table Commit a7075f501bd3 "ixgbevf: fix mailbox API compatibility by negotiating supported features" added the .negotiatefeatures callback to ixgbemacoperations and populat...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Incus 信任管理问题漏洞

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 7.0.0 contained a vulnerability related to trust management. This vulnerability stemmed from a corrupted TLS verification logic in the OVN database connection logic. It could allow attackers to...

4.8CVSS5.8AI score0.00173EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37600

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bnxt en driver regarding the RSS context delete logic. The driver incorrectly used a netif running check when deleting an RSS context, which caused VNICs Virtual...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References51
SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.10 views

SUSE CVE-2026-31700

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer shared with userspace. The kernel validates the header via...

7CVSS5.9AI score0.00103EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.7 views

Wireshark 2.4.x < 2.4.6 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.6 advisory. - The MP4 dissector could crash. It may be possible to make Wireshark crash by injecting a malformed pack...

5.8AI score
Exploits0References30
RedhatCVE
RedhatCVE
added 2026/05/01 7:48 p.m.5 views

CVE-2026-31700

A flaw was found in the Linux kernel. A Time-of-check to Time-of-use TOCTOU race condition exists in the tpacketsnd function when PACKETVNETHDR is enabled. A local user can exploit this by modifying the vnethdr fields in the mmap'd TX ring buffer between validation and use, thereby bypassing safe...

7.8CVSS5.9AI score0.00103EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.30 views

CVE-2026-31738 vxlan: validate ND option lengths in vxlan_na_create

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...

0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 1:56 p.m.4 views

EUVD-2026-26509

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer shared with userspace. The kernel validates the header via...

5.9AI score0.00103EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

RHEL 9 : ovn25.03 (RHSA-2026:11701)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11701 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.5AI score0.00868EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

RHEL 9 : ovn24.03 (RHSA-2026:11700)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11700 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.5AI score0.00868EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/04/29 12:45 p.m.8 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/29 12:45 p.m.12 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/29 12:44 p.m.5 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/29 12:42 p.m.7 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References4
Rows per page
Query Builder