440 matches found
CVE-2026-34397 himmelblau: NSS fake-primary group lookup reintroduces name collision risk
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...
CVE-2026-34397 himmelblau: NSS fake-primary group lookup reintroduces name collision risk
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...
Himmelblau 安全漏洞
Himmelblau is an open-source Azure Entra ID authentication module developed by Himmelblau. There is a security vulnerability in Himmelblau, which stems from conditional local privilege escalation due to name conflicts in edge scenarios. If the mapped CN or short name matches the name of a...
CVE-2026-4438
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...
CVE-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...
CVE-2026-4437 gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...
CVE-2026-30871 OpenWrt Project has Stack-based Buffer Overflow in DNS PTR Query
OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...
CVE-2026-3904
A flaw was found in glibc. When calling NSS-backed functions that support caching via nscd, the nscd client under high load on x8664 systems may call the memcmp function on inputs that are concurrently modified by other processes or threads, causing a crash and resulting in a denial of service...
UBUNTU-CVE-2026-3904
Calling NSS-backed functions that support caching via nscd may call th...
CVE-2026-3904
Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...
CVE-2026-3904
Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...
CVE-2026-3904
Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...
CVE-2026-30919 facileManager Affected by Stored Cross-Site Scripting (XSS)
facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , stored XSS also known as persistent or second-order XSS occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. Thi...
PT-2026-24149
Name of the Vulnerable Software and Affected Versions facileManager versions prior to 6.0.4 Description facileManager is a suite of web applications designed for system administrators. A stored cross-site scripting XSS issue exists in the fmDNS module. This type of attack occurs when an applicati...
NewStart CGSL MAIN 6.06 (SP) : c-ares Vulnerability (NS-SA-2026-0023)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has c-ares packages installed that are affected by a vulnerability: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames whi...
CVE-2026-20067 Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...
CVE-2026-22866
Ethereum Name Service ENS is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check...
CVE-2026-22866
The CVE-2026-22866 entry describes a Bleichenbacher-style RSA signature forgery flaw in Ethereum Name Service (ENS) DNSSEC tooling. In ENS v1.6.2 and earlier, RSASHA256Algorithm and RSASHA1Algorithm do not validate PKCS#1 v1.5 padding correctly and only compare the trailing 32 (or 20) bytes of th...
ENS 数据伪造问题漏洞
ENS is an open-source Ethereum domain name service, involving both registrars and local resolvers. Versions of ENS 1.6.2 and earlier had a vulnerability related to data manipulation. This vulnerability stemmed from the lack of verification of the PKCS1 v1.5 padding structure during RSA signature...
📄 sudo 1.9.17 chroot Privilege Escalation
This Metasploit module exploits CVE-2025-32463, a local privilege escalation vulnerability in Sudo's chroot functionality. The vulnerability allows attackers to load malicious NSS Name Service Switch modules from within a chroot environment, leading to arbitrary code execution as root...