FastNetMon 缓冲区错误漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contained a buffer error vulnerability, which stems from boundary-checking errors in the dynamicbinarybuffert class, potentially leadi...

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

Amazon Linux 2023 : dnsmasq, dnsmasq-utils (ALAS2023-2026-1729)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1729 advisory. A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. CVE-2026-4890 A heap-based out-of-bound...

RHEL 8 : dnsmasq (RHSA-2026:20589)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20589 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

CVE-2026-48689

CVE-2026-48689 affects FastNetMon Community Edition up to 1.2.9, due to an off-by-one heap-based buffer overflow in dynamic_binary_buffer.hpp. Five methods (append_dynamic_buffer, append_data_as_pointer, append_data_as_object_ptr, memcpy_from_ptr, memcpy_from_object_ptr) check bounds with offset ...

ROS-20260526-73-0007

A vulnerability in the lzmaindexappend function of the XZ Utils data compression package is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

PT-2026-43377

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An off-by-one heap-based buffer overflow exists in the dynamic binary buffer t class within the src/dynamic binary buffer.hpp file. The issue stems from an incorrect bounds chec...

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

CVE-2026-41413

A flaw was found in Istio. When a RequestAuthentication resource is created with a jwksUri JSON Web Key Set Uniform Resource Identifier that points to an internal service, istiod the Istio control plane daemon makes an unauthenticated HTTP GET request to that URL. This request does not properly...

[SECURITY] Fedora 44 Update: bind-dyndb-ldap-11.11-15.fc44

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

CVE-2026-9408

Totolink A8000RU Web Management ( CGI: /cgi-bin/cstecgi.cgi ) is affected by CVE-2026-9408. The vulnerability centers on the setStaticDhcpRules function where manipulating the enable argument leads to OS command injection. Impact is described as remote exploitation with high severity (scores in C...

Fedora 44 : bind / bind-dyndb-ldap (2026-411248c8d9)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-411248c8d9 advisory. Update to 9.18.49 rhbz2480121 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...

Malicious code in class-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3876854a76bda6892f76b9b44c67e066bfc6315a7e3d27431137727ff0ee728 The package advertises itself as a clsx/twMerge-style class-name merging utility, but the exported applyGlobalStylespalette, accents function contain...

MAL-2026-4520 Malicious code in class-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3876854a76bda6892f76b9b44c67e066bfc6315a7e3d27431137727ff0ee728 The package advertises itself as a clsx/twMerge-style class-name merging utility, but the exported applyGlobalStylespalette, accents function contain...

Malicious code in tailwind-typography-stylecss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 273b99f5721643d8ba8335fd73b46b4b32f81406d73f44e7a16552e16b8becd6 Package name 'tailwind-typography-stylecss' impersonates the official '@tailwindcss/typography' plugin; the shipped README is a verbatim copy of the...

MAL-2026-4681 Malicious code in tailwind-typography-stylecss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 273b99f5721643d8ba8335fd73b46b4b32f81406d73f44e7a16552e16b8becd6 Package name 'tailwind-typography-stylecss' impersonates the official '@tailwindcss/typography' plugin; the shipped README is a verbatim copy of the...

ROS-20260524-73-0033

A vulnerability in the vim text editor is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Ipados

dyld-signing-oracle-poc A controlled exploration of dyld's pa...