9705 matches found
Netatalk 竞争条件问题漏洞
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.2.5 to 4.4.2 of Netatalk contained a race condition vulnerability. This vulnerability stemmed from a race condition in t...
PT-2026-42405
Name of the Vulnerable Software and Affected Versions Netatalk versions 3.1.0 through 4.4.2 Description An SQL injection in the MySQL CNID backend allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service. SQL injection is a type of fl...
PT-2026-42425
Name of the Vulnerable Software and Affected Versions Netatalk versions 3.0.0 through 4.4.2 Description An integer underflow occurs in the volxlate function. This allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption by providing...
PT-2026-42413
Name of the Vulnerable Software and Affected Versions Netatalk versions 1.3 through 4.2.2 Description A stack-based buffer overflow occurs in desktop.c. This allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data. A stack-based buff...
Netatalk 安全漏洞
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.0 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from a check on time usage conditions...
Netatalk SQL注入漏洞
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk have a SQL injection vulnerability. This vulnerability stems from the MySQL CNID backend’s SQL...
PT-2026-42442
A time-of-check time-of-use TOCTOU condition in the ad flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...
PT-2026-42415
Name of the Vulnerable Software and Affected Versions Netatalk versions 2.2.5 through 4.4.2 Description A race condition exists in the privilege toggle mechanism due to a non-reentrant privilege toggle. This allows a local attacker to obtain limited information, modify limited data, or cause a...
PT-2026-42421
Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.0 through 4.4.2 Description An off-by-two error in the lp write function within papd allows an adjacent network attacker to modify limited data or cause a minor service disruption by sending crafted print data...
Netatalk 安全漏洞
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. There were security vulnerabilities in Netatalk versions 1.3 through 4.2.2. These vulnerabilities stemmed from a stack buffer...
Netatalk 安全漏洞
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.0.0 to 4.4.2 of Netatalk have security vulnerabilities. These vulnerabilities stem from a minor error in the lpwrite functio...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dm-crypt: Do not modify the data when using authenticated encryption. It was stated that authenticated encryption could produce invalid tags when the data being encrypted was modified 1. Therefore, this issue can be addressed by...
Astra Linux - уязвимость в openjdk-11
A vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The versions affected include Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JNDI. The supported versions affected include Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3, and 22.2.0. This vulnerabili...
Astra Linux - уязвимость в mariadb-10.3
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. The supported versions affected are 5.7.35 and earlier, as well as 8.0.26 and earlier. This easily exploitable vulnerability allows a highly privileged attacker with network access via multiple protocols to compromise th...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JSSE. The supported versions affected by this vulnerability are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK:...
Astra Linux - уязвимость в openjdk-11
A vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Networking. The versions affected include Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM...
Astra Linux - уязвимость в openjdk-11
A vulnerability exists in the Oracle Java SE and Oracle GraalVM Enterprise Edition products developed by Oracle Java SE component: Hotspot. The versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Keytool. The supported versions affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This easily exploitable vulnerability allows an unauthenticat...
CVE-2025-15369
The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getcontenteditor function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to create...