Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fixed the potential deadlock. When some client process A calls pdraddlookup to add a lookup for the service and performs scheduling-related tasks, another process B receives a new server packet indicating that the...

SUSE CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

CVE-2026-33598

PowerDNS DNSdist is affected by CVE-2026-33598: a cached crafted response can trigger an out-of-bounds read when Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. Multiple vendors/advisories (SUSE, Red Hat, Debian, Alpine, EUVD, NVD) document the flaw. The pro...

CVE-2026-33598 Out-of-bounds read in cache inspection via Lua

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

PowerDNS DNSdist 缓冲区错误漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a buffer error vulnerability. This vulnerability stems from custom Lua code that calls getDomainListByAddress or getAddressListByDomain...

AZL-59772 CVE-2025-22014 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...

AZL-59907 CVE-2025-22014 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...

UBUNTU-CVE-2025-22014

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...

Postfixadmin Protected Alias Deletion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Postfixadmin Protected Alias Deletion Vulnerability', 'Description' = %q Postfixadmin installations between 2.91 and 3.0.1 do not check if an adm...

Exploit for OS Command Injection in Php

PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...

Exploit for OS Command Injection in Php

CVE-2024-4577 Vulnerability Checker This script is designed t...

CVE-2023-5978

In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the capnet libcasper3 service incorrectly validates that updated constraints are strictly subsets of the active constraints. When only a list of resolvable domain names was specified without setting any other...

CORStest - A Simple CORS Misconfiguration Scanner

A simple CORSmisconfiguration scanner Based on theresearch of James Kettle CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing CORS misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential...

Adult Filter Buffer Overflow Vulnerability

Adult Filter is an Internet content filter with content filtering, parental controls and more. A buffer overflow vulnerability exists in Adult Filter version 1.0, which can be exploited to cause a denial of service or code execution with the help of a specially crafted Black Domain List file...

Trend Micro IWSVA Domain List Bdn Paremeter Command Injection - Ver2

A command injection vulnerability exists in Trend Micro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...