Vulnerabilities in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Execution of arbitrary code root/admin privileges - Execution of arbitrary code user privileges -...

May Microsoft Patch Tuesday

May Microsoft Patch Tuesday. A total of 119 vulnerabilities, approximately 1.5 times fewer than in April. There are currently no vulnerabilities marked as actively exploited in the wild. However, there is one vulnerability with a public exploit: 🔸 EoP - Windows Kernel CVE-2026-40369. A detailed...

Patch Tuesday - May 2026

Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the...

CVE-2026-41096 Windows DNS Client Remote Code Execution Vulnerability

...

CVE-2026-41096 Windows DNS Client Remote Code Execution Vulnerability

...

Fedora 42 : bind9-next (2026-bcc66a29da)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-bcc66a29da advisory. Update to 9.21.20 rhbz2440560 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 - Fi...

EulerOS 2.0 SP12 : unbound (EulerOS-SA-2025-2344)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2025-2218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2015-6947

Malware in sbrugna...

EUVD-2006-2075

Malware in sbrugna...

EUVD-2020-18556

Malware in sbrugna...

EUVD-2021-22969

Malware in sbrugna...

EUVD-2020-9422

Malware in sbrugna...

EUVD-2024-19054

Malicious code in bioql PyPI...

EUVD-2022-30387

Malicious code in bioql PyPI...

CVE-2020-25926

The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...

CVE-2016-20009

A DNS client stack-based buffer overflow in ipdnscdecodename affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

OSV-2025-289 Stack-buffer-overflow in ot::Cli::Utils::OutputLine

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=411460530 Crash type: Stack-buffer-overflow READ Crash state: ot::Cli::Utils::OutputLine ot::Cli::Dns::HandleDnsRecordResponse ot::Dns::Client::FinalizeQuery...

PT-2025-19365 · Git +1 · Openthread

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software contains a stack-buffer-overflow read vulnerability. The crash state indicates the issue occurs within the Cli::Utils::OutputLine,...

CVE-2022-25732

Information disclosure in modem due to buffer over read in dns client due to missing length check...