3315 matches found
CVE-2026-33599
A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...
CVE-2026-33598
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
UBUNTU-CVE-2026-33598
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
CVE-2026-33598
PowerDNS DNSdist is affected by CVE-2026-33598: a cached crafted response can trigger an out-of-bounds read when Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. Multiple vendors/advisories (SUSE, Red Hat, Debian, Alpine, EUVD, NVD) document the flaw. The pro...
CVE-2026-33598 Out-of-bounds read in cache inspection via Lua
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
CVE-2026-33598
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
CVE-2026-33598 Out-of-bounds read in cache inspection via Lua
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
CVE-2026-33598
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
Linux Distros Unpatched Vulnerability : CVE-2026-33598
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
PowerDNS DNSdist 缓冲区错误漏洞
PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a buffer error vulnerability. This vulnerability stems from custom Lua code that calls getDomainListByAddress or getAddressListByDomain...
PT-2026-34442
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A cached crafted response can cause an out-of-bounds read, which occurs when a program reads data outside the intended boundary of a buffer. This happens if cust...
SUSE CVE-2026-40959
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...
DEBIAN-CVE-2026-40959
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...
CVE-2026-40959
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...
CVE-2026-40959
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...
CVE-2026-40959
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...
CVE-2026-40959
CVE-2026-40959 affects Luanti 5.x prior to 5.15.2. When using LuaJIT, a crafted mod can cause a Lua sandbox escape. The issue is described in multiple sources as Luanti 5 before 5.15.2, with the sandbox escape vulnerability carrying a high impact in CVSS (high confidentiality, integrity, and avai...
EUVD-2026-23149
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...
Luanti 安全漏洞
Luanti is an open-source voxel game engine developed by Luanti itself, supporting mods and game creation. Versions of Luanti prior to 5.5.15.2 contained security vulnerabilities; these vulnerabilities stemmed from the possibility of Lua sandbox escape through specially crafted mods when using...
PT-2026-33197
Name of the Vulnerable Software and Affected Versions Luanti versions 5.0 through 5.15.1 Description A sandbox escape exists when LuaJIT is used, allowing a crafted mod to execute arbitrary code outside the game engine. Recommendations Update to version 5.15.2...