exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2025-40820

2 месяца назад

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.

CVSS3: 7.5

EPSS: Низкий

GHSA-84r6-pwmm-h2fw

2 месяца назад

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.

CVSS3: 7.5

EPSS: Низкий

BDU:2026-00196

2 месяца назад

Уязвимость микропрограммного обеспечения программируемых логических контроллеров Siemens SIMATIC S7, связанная с недостаточной проверкой источника канала связи, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-40820 Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.	CVSS3: 7.5	0% Низкий	2 месяца назад
GHSA-84r6-pwmm-h2fw Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.	CVSS3: 7.5	0% Низкий	2 месяца назад
BDU:2026-00196 Уязвимость микропрограммного обеспечения программируемых логических контроллеров Siemens SIMATIC S7, связанная с недостаточной проверкой источника канала связи, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	0% Низкий	2 месяца назад

Уязвимостей на страницу