CVE-2026-44057

A flaw was found in Netatalk. A dead bounds check in the Spotlight RPC unmarshaller may allow a remote authenticated attacker to obtain limited information. This vulnerability is triggered by sending crafted Spotlight RPC requests, leading to an information disclosure...

CVE-2026-44057

CVE-2026-44057 : Netatalk versions 3.0.0–4.4.2 contain a dead bounds check in the Spotlight RPC unmarshaller, causing an unreachable code path that offers no effective bounds protection. This may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC request...

PT-2026-42435

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...

EUVD-2024-54471

Malicious code in bioql PyPI...

EUVD-2023-56348

Malicious code in bioql PyPI...

Avira Prime Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avira Spotlight...

Avira Prime 安全漏洞

Avira Prime is a security software from the German company Avira. A security vulnerability exists in Avira Prime version 1.1.96.2, which stems from an arbitrary file deletion issue in Avira.Spotlight.Service.exe, which could lead to elevated privileges...

CVE-2023-51636

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-51636

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-51636

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-51636

The CVE-2023-51636 issue affects Avira Prime, specifically the Avira Spotlight Service. The vulnerability arises from handling symbolic links, allowing a local attacker who already has low-privileged code execution to abuse the Spotlight Service to delete a file and escalate privileges to SYSTEM....

CVE-2023-51636 Avira Prime Link Following Local Privilege Escalation Vulnerability

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

Avira Prime Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avira Spotlight...

PT-2023-9147 · Avira · Avira Prime

Name of the Vulnerable Software and Affected Versions: Avira Prime affected versions not specified Description: The issue is related to the Avira Spotlight Service in Avira Prime, which incorrectly handles symbolic links before accessing a file. This can be exploited by a local attacker to escala...

OESA-2023-1452 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbinddpamauthcrap.c. When performing NTLM authentication, the client replies to cryptographic challenges back...

DEBIAN-CVE-2023-34966

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function slunpackloop did not validate a field in the network packet that contains the count of elements in an array-like...

DEBIAN-CVE-2023-34967

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol...