CVE-2026-23823

A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. NOTE: This vulnerability only...

EUVD-2026-31108

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected...

ALPINE-CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

CVE-2026-3119

CVE-2026-3119 affects ISC BIND 9: when processing a correctly signed query containing a TSIG-signed TKEY, named may crash (terminate unexpectedly). Affected versions: 9.20.0–9.20.20, 9.21.0–9.21.19, and 9.20.9-S1–9.20.20-S1. Unaffected: 9.18.0–9.18.46 and 9.18.11-S1–9.18.46-S1. The issue requires...

SUSE CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

PT-2026-27773

Name of the Vulnerable Software and Affected Versions BIND versions 9.20.0 through 9.20.20 BIND versions 9.21.0 through 9.21.19 BIND versions 9.20.9-S1 through 9.20.20-S1 Description BIND may terminate unexpectedly when processing a correctly signed query containing a TKEY record. This issue occu...

SA44101 - 2019-04: Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure PCS and Pulse Policy Secure PPS. This includes an authentication by-pass vulnerability that can...

CVE-2023-22414

A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator FPC of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a heap memory leak and leading to FPC crash. On all Junos PTX...

CVE-2022-22248

An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS Evolved allows a low-privileged local user to modify the contents of a configuration file which could cause another user to execute arbitrary commands within the context of the follow-on user's...

CVE-2020-1979

A format string vulnerability in the PAN-OS log daemon logd on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...

CVE-2019-17100

An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Security versions prior to 24.0.12.69...

OpenSSL OCSP status request extension there is a serious vulnerability-a vulnerability warning-the black bar safety net

Overview OpenSSL OCSP status request extension there is a serious vulnerability, the vulnerability to make a malicious client can exhaust server memory. The use of the vulnerability, to make the default configuration of the server on each Protocol heavy commercial division with a period of OCSP i...