SUSE CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

EUVD-2026-24941

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

CVE-2026-33599

CVE-2026-33599 describes a vulnerability in PowerDNS DNSdist where a rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request when triggered via the autoUpgrade (Lua) option to newServer or the auto_upgrade (YAML) setting. DDR upgrade is not enabled by default...

CVE-2026-33599 Out-of-bounds read in service discovery

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

PT-2026-34443

Name of the Vulnerable Software and Affected Versions PowerDNS Recursor affected versions not specified Description A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request. This occurs when the request is made via the autoUpgrade Lua option to newServer or...

EUVD-2021-13771

Malware in sbrugna...

CVE-2022-46642

D-Link DIR-846 A1FW100A43 was discovered to contain a command injection vulnerability via the autoupgradehour parameter in the SetAutoUpgradeInfo function...

CVE-2022-46642

D-Link DIR-846 A1FW100A43 was discovered to contain a command injection vulnerability via the autoupgradehour parameter in the SetAutoUpgradeInfo function...

D-Link DIR-846 命令注入漏洞

D-Link DIR-846 is a wireless router from D-Link, China. d-link DIR-846 A1FW100A43 has a command injection vulnerability, which originates from the autoupgradehour parameter in the SetAutoUpgradeInfo function fails to properly filter the construct command special characters The vulnerability can b...

CVE-2022-46642

D-Link DIR-846 A1FW100A43 was discovered to contain a command injection vulnerability via the autoupgradehour parameter in the SetAutoUpgradeInfo function...

CVE-2021-26998

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...

Information disclosure

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...

CVE-2021-26998

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...

Windows 10 Upgrade Become More Creepy, No Option to Opt-Out

If you are running Windows 7 or Windows 8.1 and have no plans to switch to Windows 10, then Microsoft could force you to install Windows 10, making it harder for you to cancel or opt-out of upgrading. Note: Above image has been photoshopped, but the original screenshot taken by Windows users is...

Mandrake Security Advisory MDVSA-2009:007 (ntp)

The remote host is missing an update to ntp announced via advisory MDVSA-2009:007. OpenVAS Vulnerability Test $Id: mdksa2009007.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:007 ntp Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...