2494 matches found
CVE-2026-33254
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
CVE-2026-31450
CVE-2026-31450 describes a race in ext4 where ei->jinode was published to concurrent readers before jbd2_journal_init_jbd_inode() completed, allowing a non-NULL jinode to be observed with i_vfs_inode still NULL. The mitigated issue could lead to a crash when a reader passes jinode to jbd2_wait...
CVE-2026-33254
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
EUVD-2026-24723
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
DEBIAN-CVE-2026-33259
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
CVE-2026-33259
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
UBUNTU-CVE-2026-33259
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
CVE-2026-33259
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
CVE-2026-33259 Concurrent modification of RPZ data can lead to denial of servce
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
CVE-2026-33259
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
CVE-2026-33259
CVE-2026-33259 affects PowerDNS Recursor RPZ handling. The issue arises when there are many concurrent transfers of the same RPZ, which can lead to inconsistent RPZ data, use-after-free, or a crash of the recursor. The root cause is described as concurrent transfers of the same RPZ zone occurring...
CVE-2026-33259 Concurrent modification of RPZ data can lead to denial of servce
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
CVE-2026-33259
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
CVE-2026-41458 OwnTone Server < 29.1 Race Condition DoS via DAAP Login
OwnTone Server versions 28.4 through 29.0 contain a race condition vulnerability in the DAAP login handler that allows unauthenticated attackers to crash the server by exploiting unsynchronized access to the global DAAP session list. Attackers can flood the DAAP /login endpoint with concurrent...
PowerDNS Recursor(pdns_recursor) 资源管理错误漏洞
PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. PowerDNS Recursor has a resource management vulnerability; this vulnerability arises from multiple concurrent transmissions within the same RPZ, which can lead to inconsistent RPZ data, reus...
uutils coreutils 安全漏洞
uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils, which stems from a race condition when the -D flag is used in the install process. This could allow attackers with concurrent write privileges to redirect...
Nimiq 安全漏洞
Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from the use of MessageCodec::readrequest and readresponse in the nimiq-libp2p library, which called readtoend on the inbound...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There are security vulnerabilities in the Linux kernel, which stem from issues with the smbgrantoplock function. These vulnerabilities involve reusing freed resources an...
PT-2026-34323
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...
PT-2026-34492
A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the -D flag. The command creates parent directories and subsequently performs a second path resolution to create the target file, neither of which is anchored to a directory file...