849 matches found
CVE-2026-44057
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
CVE-2026-44057 Dead bounds check in Spotlight RPC unmarshaller
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
CVE-2026-44057
CVE-2026-44057 : Netatalk versions 3.0.0–4.4.2 contain a dead bounds check in the Spotlight RPC unmarshaller, causing an unreachable code path that offers no effective bounds protection. This may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC request...
CVE-2026-44057
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
EUVD-2026-31222
An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...
CVE-2026-7836
CVE-2026-7836 affects Netatalk 2.0.0–4.4.2. The vulnerability is caused by an incorrect calculation in the hextoint macro due to improper uppercase character handling. This can allow a remote authenticated attacker to cause limited data modification via crafted hexadecimal input. A fix is availab...
CVE-2026-7836
An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...
CVE-2026-7836 hextoint macro uppercase bug
An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...
CVE-2026-7836 hextoint macro uppercase bug
An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...
CVE-2026-7836
An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...
EUVD-2026-31223
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...
CVE-2026-7835 Format string argument mismatch
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...
CVE-2026-7835
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...
CVE-2026-7835
Netatalk 3.0.3–4.4.2 are affected by a format string argument mismatch. The issue (CVE-2026-7835) is fixed in 4.5.0. Debates indicate a remote authenticated attacker could cause a minor denial of service via crafted input; CVSS indicates Low impact. Recommended remediation: upgrade to Netatalk 4....
CVE-2026-7835 Format string argument mismatch
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...
CVE-2026-7835
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...
CVE-2026-44076 Shell injection via volume path
Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...
CVE-2026-44076 Shell injection via volume path
Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...
EUVD-2026-31219
Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...
CVE-2026-44076
CVE-2026-44076 affects Netatalk versions 3.1.0 through 4.4.2, with shell injection via volume path. The issue arises from insufficient sanitization of volume paths and is fixed in 4.4.3. Impact is described as local, with potential for arbitrary code execution by a local privileged user through a...