
38 matches found

OSV
added 2026/06/08 11:33 a.m., 8 views

USN-8395-1 netatalk vulnerabilities

Arjun Basnet discovered that Netatalk incorrectly sanitized user input in its MySQL CNID backend. A remote authenticated attacker could possibly use this issue to conduct SQL injection attacks. (CVE-2026-44047) Arjun Basnet discovered that Netatalk incorrectly handled UCS-2 character set conversion...

CVSS 9.9, AI score 6.2, EPSS 0.00516
Exploits 0, References 11
RedhatCVE
added 2026/05/21 1:31 p.m., 6 views

CVE-2026-44050

A flaw was found in Netatalk. A heap buffer overflow vulnerability exists within the comm_rcv function of the cnid daemon. This flaw could allow a remote attacker with low privileges to execute arbitrary code on the affected system. Successful exploitation can lead to a complete compromise of the...

CVSS 9.9, AI score 6.4, EPSS 0.00418
Exploits 0, References 2
RedhatCVE
added 2026/05/21 1:31 p.m., 5 views

CVE-2026-44047

A flaw was found in Netatalk. This vulnerability, identified as a SQL injection in the MySQL CNID backend, could allow a remote attacker to execute arbitrary code or gain unauthorized access to sensitive information. Successful exploitation could lead to significant data compromise, data...

CVSS 8.8, AI score 6.2, EPSS 0.00371
Exploits 0, References 2
NVD
added 2026/05/21 8:16 a.m., 9 views

CVE-2026-44047

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service...

CVSS 8.8, EPSS 0.00371
Exploits 0, References 1
NVD
added 2026/05/21 8:16 a.m., 10 views

CVE-2026-44050

A heap-based buffer overflow in the CNID daemon comm_rcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service...

CVSS 9.9, EPSS 0.00418
Exploits 0, References 1
Vulnrichment
added 2026/05/21 7:34 a.m., 5 views

CVE-2026-44050 Heap buffer overflow in CNID daemon comm_rcv()

A heap-based buffer overflow in the CNID daemon comm_rcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service...

CVSS 9.9, AI score 6.4, EPSS 0.00418
Exploits 0, References 1
Cvelist
added 2026/05/21 7:34 a.m., 33 views

CVE-2026-44050 Heap buffer overflow in CNID daemon comm_rcv()

A heap-based buffer overflow in the CNID daemon comm_rcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service...

CVSS 9.9, EPSS 0.00418
Exploits 0, References 1
EUVD
added 2026/05/21 7:34 a.m., 9 views

EUVD-2026-31229

A heap-based buffer overflow in the CNID daemon comm_rcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service...

CVSS 9.9, AI score 6.4, EPSS 0.00418
Exploits 0, References 1
AlpineLinux
added 2026/05/21 7:34 a.m., 14 views

CVE-2026-44050

A heap-based buffer overflow in the CNID daemon comm_rcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service...

CVSS 9.9, AI score 6.4, EPSS 0.00418
Exploits 0
CVE
added 2026/05/21 7:34 a.m., 15 views

CVE-2026-44050

Netatalk CVE-2026-44050 is a heap-based buffer overflow in the CNID daemon comm_rcv() that affects Netatalk 2.0.0 through 4.4.2. The vulnerability can allow a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service. The issue is fixed in Neta...

CVSS 9.9, AI score 6.4, EPSS 0.00418
Exploits 0, References 1
ATTACKERKB
added 2026/05/21 7:34 a.m., 10 views

CVE-2026-44050

A heap-based buffer overflow in the CNID daemon comm_rcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service...

CVSS 9.9, AI score 6.4, EPSS 0.00418
Exploits 0, References 2, Affected Software 1
AlpineLinux
added 2026/05/21 7:33 a.m., 13 views

CVE-2026-44047

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service...

CVSS 8.8, AI score 5.9, EPSS 0.00371
Exploits 0
Vulnrichment
added 2026/05/21 7:33 a.m., 4 views

CVE-2026-44047 SQL injection in MySQL CNID backend

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service...

CVSS 8.8, AI score 5.9, EPSS 0.00371
Exploits 0, References 1
EUVD
added 2026/05/21 7:33 a.m., 9 views

EUVD-2026-31226

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service...

CVSS 8.8, AI score 5.9, EPSS 0.00371
Exploits 0, References 1
Cvelist
added 2026/05/21 7:33 a.m., 35 views

CVE-2026-44047 SQL injection in MySQL CNID backend

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service...

CVSS 8.8, EPSS 0.00371
Exploits 0, References 1
Positive Technologies
added 2026/05/21 12:0 a.m., 7 views

PT-2026-42405

Name of the Vulnerable Software and Affected Versions: Netatalk versions 3.1.0 through 4.4.2. Description: An SQL injection in the MySQL CNID backend allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service. SQL injection is a type of fl...

CVSS 9.9, AI score 5.9, EPSS 0.00477
Exploits 0, References 22
CNNVD
added 2026/05/21 12:0 a.m., 10 views

Netatalk SQL injection vulnerability

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk have a SQL injection vulnerability. This vulnerability stems from the MySQL CNID backend’s SQL...

CVSS 8.8, AI score 5.9, EPSS 0.00371
Exploits 0, References 2
Positive Technologies
added 2026/05/20 12:0 a.m., 10 views

PT-2026-42118

Name of the Vulnerable Software and Affected Versions: Netatalk versions 2.0.0 through 4.4.2. Description: A heap-based buffer overflow occurs in the CNID daemon comm_rcv function. This allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of...

CVSS 9.9, AI score 6.3, EPSS 0.00477
Exploits 0, References 22
RedhatCVE
added 2026/05/06 10:27 p.m., 8 views

CVE-2026-43228

A flaw was found in the Linux kernel HFS component. A local attacker could provide a specially crafted and corrupted Master Directory Block (MDB) to trigger a kernel panic. This vulnerability, caused by improper error handling of CNID count checks, leads to a system Denial of Service (DoS)...

CVSS 5.5, AI score 5.8, EPSS 0.00112
Exploits 0, References 4
NVD
added 2026/05/06 12:16 p.m., 5 views

CVE-2026-43228

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUG_ON with error handling for CNID count checks In a06ec283e125 next_id, folder_count, and file_count in the super block info were expanded to 64 bits, and BUG_ONs were added to detect overflow. This triggered an error...

CVSS 5.5, EPSS 0.00112
Exploits 0, References 2