Lucene search
+L

849 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/21 8:14 a.m.11 views

CVE-2026-44057

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...

3.1CVSS5.9AI score0.00186EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/21 8:14 a.m.47 views

CVE-2026-44057 Dead bounds check in Spotlight RPC unmarshaller

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...

3.1CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 8:14 a.m.26 views

CVE-2026-44057

CVE-2026-44057 : Netatalk versions 3.0.0–4.4.2 contain a dead bounds check in the Spotlight RPC unmarshaller, causing an unreachable code path that offers no effective bounds protection. This may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC request...

3.1CVSS5.9AI score0.00186EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 8:14 a.m.19 views

CVE-2026-44057

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...

3.1CVSS5.9AI score0.00186EPSS
Exploits0
EUVD
EUVD
added 2026/05/21 7:35 a.m.15 views

EUVD-2026-31222

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...

3.1CVSS5.8AI score0.00257EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 7:35 a.m.26 views

CVE-2026-7836

CVE-2026-7836 affects Netatalk 2.0.0–4.4.2. The vulnerability is caused by an incorrect calculation in the hextoint macro due to improper uppercase character handling. This can allow a remote authenticated attacker to cause limited data modification via crafted hexadecimal input. A fix is availab...

3.1CVSS5.8AI score0.00257EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:35 a.m.7 views

CVE-2026-7836

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...

3.1CVSS5.8AI score0.00257EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/21 7:35 a.m.50 views

CVE-2026-7836 hextoint macro uppercase bug

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...

3.1CVSS0.00257EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 7:35 a.m.13 views

CVE-2026-7836 hextoint macro uppercase bug

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...

3.1CVSS5.8AI score0.00257EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 7:35 a.m.21 views

CVE-2026-7836

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...

3.1CVSS5.8AI score0.00257EPSS
Exploits0
EUVD
EUVD
added 2026/05/21 7:35 a.m.16 views

EUVD-2026-31223

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS5.8AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 7:35 a.m.11 views

CVE-2026-7835 Format string argument mismatch

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS5.8AI score0.00294EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:35 a.m.12 views

CVE-2026-7835

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS5.8AI score0.00294EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/21 7:35 a.m.26 views

CVE-2026-7835

Netatalk 3.0.3–4.4.2 are affected by a format string argument mismatch. The issue (CVE-2026-7835) is fixed in 4.5.0. Debates indicate a remote authenticated attacker could cause a minor denial of service via crafted input; CVSS indicates Low impact. Recommended remediation: upgrade to Netatalk 4....

3.1CVSS5.8AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 7:35 a.m.45 views

CVE-2026-7835 Format string argument mismatch

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS0.00294EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 7:35 a.m.16 views

CVE-2026-7835

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS5.8AI score0.00294EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/21 7:35 a.m.7 views

CVE-2026-44076 Shell injection via volume path

Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...

6.7CVSS6.2AI score0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 7:35 a.m.44 views

CVE-2026-44076 Shell injection via volume path

Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...

6.7CVSS0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/21 7:35 a.m.11 views

EUVD-2026-31219

Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...

6.7CVSS6.2AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 7:35 a.m.27 views

CVE-2026-44076

CVE-2026-44076 affects Netatalk versions 3.1.0 through 4.4.2, with shell injection via volume path. The issue arises from insufficient sanitization of volume paths and is fixed in 4.4.3. Impact is described as local, with potential for arbitrary code execution by a local privileged user through a...

6.7CVSS6.2AI score0.0013EPSS
Exploits0References1
Rows per page
Query Builder