Lucene search
K

1475 matches found

Cvelist
Cvelist
added 2026/04/30 5:41 p.m.46 views

CVE-2026-33845 Gnutls: gnutls: denial of service via dtls zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

7.5CVSS0.00805EPSS
Exploits0References15
EUVD
EUVD
added 2026/04/30 5:41 p.m.6 views

EUVD-2026-26392

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

7.5CVSS5.2AI score0.00805EPSS
Exploits0References2
CVE
CVE
added 2026/04/30 5:41 p.m.113 views

CVE-2026-33845

The CVE-2026-33845 issue is a GnuTLS DTLS handshake parsing flaw that can trigger an integer underflow during reassembly of malformed DTLS fragments (zero length, non-zero offset), causing an out-of-bounds read. Connected OSV entries indicate affected packages such as rootio-gnutls28 in Root:Debi...

9.1CVSS5.2AI score0.00805EPSS
Exploits0References16Affected Software3
Vulnrichment
Vulnrichment
added 2026/04/30 5:41 p.m.7 views

CVE-2026-33845 Gnutls: gnutls: denial of service via dtls zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

7.5CVSS5.2AI score0.00805EPSS
Exploits0References15
ATTACKERKB
ATTACKERKB
added 2026/04/30 5:41 p.m.8 views

CVE-2026-33845

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

9.1CVSS5.2AI score0.00805EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/04/30 5:37 p.m.8 views

CVE-2026-33845

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service. Mitigati...

9.1CVSS5.6AI score0.00805EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/30 5:28 p.m.3 views

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the DTLS handshake parsing process. An attacker can cause an out-of-bounds read and potentially disclose sensitive memory or crash the application by sending specially crafted DTLS handshake...

9.1CVSS5.8AI score0.00805EPSS
Exploits0References2
OSV
OSV
added 2026/04/30 5:10 p.m.8 views

CLSA-2026-1777569045 libsoup: Fix of CVE-2026-2369

CVE-2026-2369: fix integer underflow in sniffunknown on zero-length buffer that caused an out-of-bounds read in the content sniffer...

9.1CVSS5.9AI score0.0042EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.4 views

PT-2026-36149

Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified Description A flaw in DTLS handshake parsing allows malformed fragments with zero length and non-zero offset to cause an integer underflow during reassembly. This leads to an out-of-bounds read, which is...

9.8CVSS5.8AI score0.01335EPSS
Exploits2References103
RedHat Linux
RedHat Linux
added 2026/04/27 5:41 a.m.5 views

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

7.5CVSS5.3AI score0.00467EPSS
Exploits0References6
CloudLinux
CloudLinux
added 2026/04/25 8:51 a.m.9 views

busybox: Fix of 4 CVEs

CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding - CVE-2017-16544: reject terminal control sequences in shell tab completion - CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths - CVE-2019-5747: validate DHCPSUBNET option length before decoding...

9.8CVSS6.7AI score0.32381EPSS
Exploits14
OSV
OSV
added 2026/04/23 3:54 p.m.8 views

CLSA-2026-1776959688 busybox: Fix of 4 CVEs

CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding - CVE-2017-16544: reject terminal control sequences in shell tab completion - CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths - CVE-2019-5747: validate DHCPSUBNET option length before decoding...

9.8CVSS7.3AI score0.32381EPSS
Exploits14References1
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.27 views

CVE-2026-31498 Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...

0.00123EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013556)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013556 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at...

5.3AI score0.00173EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013835)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013835 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013496)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013496 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with...

5.5CVSS6AI score0.00252EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.7 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the internal IPv4 header length in the IPTFS payload. This vulnerability ma...

5.5CVSS6AI score0.00121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/21 7:23 p.m.7 views

CVE-2026-41285

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery ND option over a local network with length zero, because of an "ndoptlen 8 - 2" expression with no preceding check for whether ndoptlen is zero...

4.3CVSS5.8AI score0.00209EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 12:32 a.m.10 views

EUVD-2026-23996

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery ND option over a local network with length zero, because of an "ndoptlen 8 - 2" expression with no preceding check for whether ndoptlen is zero...

4.3CVSS5.8AI score0.00209EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011374)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011374 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References4
Rows per page
Query Builder