Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Category: network Clear
ID Title
CVE-2026-50722 Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly...
Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly...
CVE-2026-50721 Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify...
Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify...
CVE-2026-12413 An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart....
An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart....
CVE-2026-57278 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57274 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57272 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-13539 A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the...
A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the...
CVE-2026-13518 A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function...
A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function...
CVE-2026-58050 libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey...
libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey...
CVE-2025-67038 KEV An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...
CVE-2026-54100 A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
CVE-2026-52720 Vulnerability in CVE-2026-52720 (CVE-2026-52720)
vulnerability in CVE-2026-52720 (CVE-2026-52720). Successful exploitation can lead to full system takeover.
CVE-2026-11503 A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is...
A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is...
CVE-2026-10192 A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function...
A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function...
CVE-2026-10191 A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function...
A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function...
CVE-2026-10189 A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the...
A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the...
CVE-2026-44421 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs....
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdi_CacheToSurface: it validates a destination rectangle that is clamped to UINT16_MAX...
CVE-2026-44420 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel b...
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength. This can crash the server process...
CVE-2026-42083 Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
CVE-2026-3012 A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
CVE-2026-44905 Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza....
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN.1 decoder accepts the structure as syntactically val...
CVE-2026-43988 Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When pro...
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing corrupted ASN.1/OER structures (e.g., invalid length fi...
CVE-2026-42302 Vulnerability in openai-sdk (CVE-2026-42302)
vulnerability in openai-sdk (CVE-2026-42302). Successful exploitation can lead to full system takeover. Exploitable via ``entrypoint.sh``.
CVE-2026-42193 Vulnerability in aws (CVE-2026-42193)
vulnerability in aws (CVE-2026-42193). Data can be tampered with by attackers.
CVE-2026-42072 Vulnerability in graph (CVE-2026-42072)
vulnerability in graph (CVE-2026-42072). Successful exploitation can lead to full system takeover. Exploitable via ``NORNICDB_ADDRESS``.
CVE-2026-38360 Path Traversal in path-traversal (CVE-2026-38360)
path traversal in path-traversal (CVE-2026-38360). Successful exploitation can lead to full system takeover.
CVE-2026-41070 Authentication Bypass in openvpn (CVE-2026-41070)
authentication bypass in openvpn (CVE-2026-41070). Confidential information can be exposed externally. Exploitable via ``plugin``.
CVE-2026-44497 Vulnerability in zfnd (CVE-2026-44497)
vulnerability in zfnd (CVE-2026-44497). Data can be tampered with by attackers. Exploitable via ``zcashd``. Mitigation: upgrade to `4.4.0` or later.
CVE-2026-8153 OS Command Injection in iot-embedded (CVE-2026-8153)
OS command injection in iot-embedded (CVE-2026-8153). Successful exploitation can lead to full system takeover.
CVE-2025-69690 Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
CVE-2025-69691 Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
CVE-2023-46453 SQL Injection in network-device (CVE-2023-46453)
SQL injection in network-device (CVE-2023-46453). Successful exploitation can lead to full system takeover.
CVE-2026-43944 Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
CVE-2026-43941 Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
CVE-2026-41500 Command Injection in electerm-project (CVE-2026-41500)
command injection in electerm-project (CVE-2026-41500). Successful exploitation can lead to full system takeover. Exploitable via ``releaseInfo.name``. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-33109 Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
CVE-2026-33844 Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
CVE-2026-33823 Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
CVE-2026-30496 Vulnerability in android (CVE-2026-30496)
vulnerability in android (CVE-2026-30496). Successful exploitation can lead to full system takeover.
CVE-2026-6973 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-43208 Vulnerability in linux (CVE-2026-43208)
vulnerability in linux (CVE-2026-43208). Successful exploitation can lead to full system takeover.
CVE-2026-43198 Vulnerability in linux (CVE-2026-43198)
vulnerability in linux (CVE-2026-43198). Successful exploitation can lead to full system takeover.
CVE-2026-43186 Vulnerability in c (CVE-2026-43186)
vulnerability in c (CVE-2026-43186). Successful exploitation can lead to full system takeover.
CVE-2026-43185 Vulnerability in linux (CVE-2026-43185)
vulnerability in linux (CVE-2026-43185). Successful exploitation can lead to full system takeover.
CVE-2026-43114 Vulnerability in c (CVE-2026-43114)
vulnerability in c (CVE-2026-43114). Confidential information can be exposed externally.
CVE-2026-43083 Vulnerability in linux (CVE-2026-43083)
vulnerability in linux (CVE-2026-43083). Confidential information can be exposed externally.
CVE-2026-0300 KEV [KEV] Out-of-Bounds Write in Palo alto networks palo-alto-networks (CVE-2026-0300)
out-of-bounds write in Palo alto networks palo-alto-networks (CVE-2026-0300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-35579 Authentication Bypass in github.com/coredns/coredns (CVE-2026-35579)
authentication bypass in github.com/coredns/coredns (CVE-2026-35579). Successful exploitation can lead to full system takeover. Exploitable via ``tsigStatus``. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-42087 SQL Injection in sqli (CVE-2026-42087)
SQL injection in sqli (CVE-2026-42087). Confidential information can be exposed externally. Exploitable via ``tsdb_lookup``.
CVE-2026-33846 A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of...
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of...

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →