Skip to main content

CWE-839

Numeric Range Comparison Without Minimum Check

5 CVEs Avg CVSS 7.1 MITRE
1
CRITICAL
2
HIGH
2
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2026-53176 CRITICAL PATCH Act Now

Remote denial of service in the Linux kernel's iSER (iSCSI Extensions for RDMA) target driver (IB/isert) allows an unauthenticated attacker on the RDMA fabric to crash a storage target node by sending an undersized iSCSI login PDU. The isert_login_recv_done() handler subtracts the 76-byte ISER_HEADERS_LEN from the received byte count without a lower bound, producing a negative signed login_req_len that is later sign-extended into a multi-gigabyte memcpy() length, causing a faulting out-of-bounds copy. Because the login phase precedes iSCSI authentication, no credentials are required; there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.21%).

Linux Denial Of Service
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-56968 MEDIUM PATCH This Month

Memory disclosure in GNU SASL's NTLM client implementation allows a malicious or man-in-the-middle server to extract portions of client process memory by delivering a crafted undersized challenge to the `_gsasl_ntlm_client_step` function. All GNU SASL versions before 2.2.4 are affected, with the fix confirmed in the 2.2.4 release and a Debian security advisory issued downstream. No active exploitation has been identified; the high attack complexity required to position a malicious NTLM server tempers the already-low CVSS 3.7 rating.

Information Disclosure Gnu Sasl
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-48840 MEDIUM PATCH This Month

Uninitialized stack memory disclosure in Exim 4.88 through 4.99.3 allows remote unauthenticated attackers to read arbitrary stack memory contents by sending specially crafted short payloads to proxy-enabled SMTP listeners. The vulnerability is constrained to proxy configurations but requires no authentication and no user interaction (AV:N/AC:L/PR:N/UI:N), making it trivially reachable against exposed instances. No public exploit code or CISA KEV listing exists at time of analysis, and a vendor-released fix is available in Exim 4.99.4.

Information Disclosure Exim
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-0425 HIGH PATCH This Week

ABB is aware of vulnerabilities in the product versions listed below. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Abb Information Disclosure Ac700F Firmware Freelance 2013 Freelance 2016 +1
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-22854 HIGH This Week

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
CVSS 3.1
7.5
EPSS
0.6%
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Remote denial of service in the Linux kernel's iSER (iSCSI Extensions for RDMA) target driver (IB/isert) allows an unauthenticated attacker on the RDMA fabric to crash a storage target node by sending an undersized iSCSI login PDU. The isert_login_recv_done() handler subtracts the 76-byte ISER_HEADERS_LEN from the received byte count without a lower bound, producing a negative signed login_req_len that is later sign-extended into a multi-gigabyte memcpy() length, causing a faulting out-of-bounds copy. Because the login phase precedes iSCSI authentication, no credentials are required; there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.21%).

Linux Denial Of Service
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Memory disclosure in GNU SASL's NTLM client implementation allows a malicious or man-in-the-middle server to extract portions of client process memory by delivering a crafted undersized challenge to the `_gsasl_ntlm_client_step` function. All GNU SASL versions before 2.2.4 are affected, with the fix confirmed in the 2.2.4 release and a Debian security advisory issued downstream. No active exploitation has been identified; the high attack complexity required to position a malicious NTLM server tempers the already-low CVSS 3.7 rating.

Information Disclosure Gnu Sasl
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Uninitialized stack memory disclosure in Exim 4.88 through 4.99.3 allows remote unauthenticated attackers to read arbitrary stack memory contents by sending specially crafted short payloads to proxy-enabled SMTP listeners. The vulnerability is constrained to proxy configurations but requires no authentication and no user interaction (AV:N/AC:L/PR:N/UI:N), making it trivially reachable against exposed instances. No public exploit code or CISA KEV listing exists at time of analysis, and a vendor-released fix is available in Exim 4.99.4.

Information Disclosure Exim
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

ABB is aware of vulnerabilities in the product versions listed below. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Abb Information Disclosure Ac700F Firmware +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy