699 matches found
Kea: Kea: Denial of Service via maliciously crafted message
A flaw was found in Kea. A remote attacker can send a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener. This can cause a stack overflow error, leading to the daemon exiting and resulting in a Denial of...
AZL-28619 CVE-2023-4273 for package hyperv-daemons is not applicable
This CVE either no longer is or was never applicable...
PT-2026-33860
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery ND option over a local network with length zero, because of an "nd opt len 8 - 2" expression with no preceding check for whether nd opt len is zero...
DEBIAN-CVE-2026-3608
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...
CVE-2026-3608
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...
CVE-2026-3608
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...
CVE-2026-3608
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...
CVE-2026-3608
CVE-2026-3608 affects Kea daemons (kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, kea-dhcp6). A maliciously crafted message over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow. Affected versions: 2.6.0–2.6.4 and 3.0.0–3.0.2. Exploitation details a...
UBUNTU-CVE-2026-3608
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...
[SECURITY] Fedora 44 Update: systemd-259.3-1.fc44
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses sock et and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
CVE-2026-29128
IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...
CVE-2026-29128 IDC SFX2100 Satellite Receiver bgpd/ospfd/ripd/zebra Config Credential Disclosure via World-Readable Files
IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...
CVE-2026-29128 IDC SFX2100 Satellite Receiver bgpd/ospfd/ripd/zebra Config Credential Disclosure via World-Readable Files
IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...
AZL-79385 CVE-2026-0032 affecting package hyperv-daemons 6.6.126.1-1
In multiple functions of memprotect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
AZL-79356 CVE-2026-0031 affecting package hyperv-daemons 5.15.200.1-1
In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
AZL-79353 CVE-2026-0032 affecting package hyperv-daemons 5.15.200.1-1
In multiple functions of memprotect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
AZL-79382 CVE-2026-0031 affecting package hyperv-daemons 6.6.126.1-1
In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26950)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26950 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access devic...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35852)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35852 advisory. - In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memo...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27037)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27037 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer...