CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

PT-2026-34443

Name of the Vulnerable Software and Affected Versions PowerDNS Recursor affected versions not specified Description A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request. This occurs when the request is made via the autoUpgrade Lua option to newServer or...

UBUNTU-CVE-2026-33456

Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...

CVE-2026-33456 Potential livestatus injection in notification test

Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...

CVE-2026-33456

Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...

CVE-2021-47787

TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration...

Denial Of Service (DoS)

github.com/hashicorp/consul is vulnerable to denial of service DoS attacks. A remote attacker with service:write permission is able to register a specifically-crafted service on clusters with at least one ingress gateway configured, resulting in denial of service conditions in the server...

CVE-2022-24687

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3...

OPENSUSE-SU-2019:0326-1 Security update for obs-service-tar_scm

This update for obs-service-tarscm fixes the following issues: Security vulnerabilities addressed: - CVE-2018-12473: Fixed a path traversal issue, which allowed users to access files outside of the repository using relative paths bsc1105361 - CVE-2018-12474: Fixed an issue whereby crafted service...

OPENSUSE-SU-2019:0329-1 Security update for obs-service-tar_scm

This update for obs-service-tarscm fixes the following issues: Security vulnerabilities addressed: - CVE-2018-12473: Fixed a path traversal issue, which allowed users to access files outside of the repository using relative paths bsc1105361 - CVE-2018-12474: Fixed an issue whereby crafted service...

Security update for obs-service-tar_scm (important)

openSUSE Security Update: Security update for obs-service-tarscm Announcement ID: openSUSE-SU-2019:0329-1 Rating: important References: 1076410 1082696 1105361 1107507 1107944 Cross-References: CVE-2018-12473 CVE-2018-12474 CVE-2018-12476 Affected Products: openSUSE Backports SLE-15 An update tha...

openSUSE Security Update : obs-service-tar_scm (openSUSE-2019-326)

This update for obs-service-tarscm fixes the following issues : Security vulnerabilities addressed : - CVE-2018-12473: Fixed a path traversal issue, which allowed users to access files outside of the repository using relative paths bsc1105361 - CVE-2018-12474: Fixed an issue whereby crafted servi...

openSUSE: Security Advisory for obs-service-tar_scm (openSUSE-SU-2019:0326-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2019:0540-1 Security update for obs-service-tar_scm

This update for obs-service-tarscm fixes the following issues: Security vulnerabilities addressed: - CVE-2018-12473: Fixed a path traversal issue, which allowed users to access files outside of the repository using relative paths bsc1105361 - CVE-2018-12474: Fixed an issue whereby crafted service...

UBUNTU-CVE-2018-15173

Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...

mod_cluster: remotely Segfault Apache http server

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the modcluster via service messages MCMP...

oc Arbitrary Command Execution Vulnerability (CNVD-2015-01830)

osc is a command-line interface written in Python, and also provides Python modules for use by Python programs. A security vulnerability exists in versions of osc prior to 0.151.0, which can be exploited by a remote attacker to execute arbitrary commands via shell metacharacters within a...

CVE-2013-3862

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...

Double free

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...