CVE-2024-14036 Dräger Core 1.0.5 Denial of Service via Malformed SDC Message

Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...

Astra Linux - уязвимость в bluez

In BlueZ before version 5.55, a double-free error was detected in the gatttool disconnectcb routine from the shared/att.c file. A remote attacker could potentially cause a denial of service or code execution during service discovery, due to the redundant disconnect MGMT event...

May 12, 2026—Hotpatch KB5087423 (OS Build 26100.32772)

May 12, 2026—Hotpatch KB5087423 OS Build 26100.32772 This update applies to Windows Server 2025 Datacenter & Standard machines connected to Azure Arc. To learn more about differences between security updates, optional non-security preview updates, out-of-band OOB updates, and continuous innovatio...

CVE-2026-8122

A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogssbidiscoveryoptionaddservicenames in the library /lib/sbi/message.c of the component NSSF. The manipulation results in denial of service. The attack may be performed from remote. The exploit has been made public and...

CVE-2026-33599 Out-of-bounds read in service discovery

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

CVE-2026-33599

CVE-2026-33599 describes a vulnerability in PowerDNS DNSdist where a rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request when triggered via the autoUpgrade (Lua) option to newServer or the auto_upgrade (YAML) setting. DDR upgrade is not enabled by default...

CVE-2026-33599 Out-of-bounds read in service discovery

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

Microsoft Windows SSDP Elevation of Privilege Vulnerability

Microsoft Windows SSDP is a simple service discovery provider program from Microsoft USA. Microsoft Windows SSDP suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

OESA-2026-1984 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...

OESA-2026-1982 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...

[SECURITY] Fedora 44 Update: kf6-kdnssd-6.25.0-1.fc44

KDE Frameworks 6 Tier 1 integration module for DNS-SD services Zeroconf...

CVE-2026-32068

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

HP DeskJet All in One 安全漏洞

The HP DeskJet All in One is a multi-functional inkjet printing device from the American company HP. The HP DeskJet All in One has a security vulnerability, which stems from improper handling of specially crafted WSD scan request verifications. This vulnerability may lead to buffer overflows and...

EUVD-2026-22515

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

EUVD-2026-22489

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

CVE-2026-32082 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

CVE-2025-59809

CVE-2025-59809 is a server-side request forgery (SSRF) vulnerability (CWE-918) in Fortinet FortiSOAR PaaS and FortiSOAR on-premise across multiple versions (PaaS: 7.6.0–7.6.2, 7.6.4, 7.5.0–7.5.2, 7.4 all, 7.3 all; on-premise: 7.6.4, 7.6.0–7.6.2, 7.5.0–7.5.2, 7.4 all, 7.3 all). An authenticated at...