36 matches found
CVE-2026-10635
On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...
CVE-2026-10635 Dangling memory-domain pointer (use-after-free) in Xtensa MMU page-table code on memory-domain de-init
On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...
CVE-2026-10123
A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blockeddomain/permitteddomain/blockeddomainlist/permitteddomainlist results in stack-based buffer overflow. It...
CVE-2026-10123
TRENDnet TEW-432BRP 3.10B20 is affected by CVE-2026-10123 in the formSetDomainFilter handler (/goform/formSetDomainFilter). The issue is a stack-based buffer overflow triggered by manipulating arguments such as blocked_domain, permitted_domain, blocked_domain_list, or permitted_domain_list, with ...
SUSE CVE-2026-33598
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
CVE-2026-33598 Out-of-bounds read in cache inspection via Lua
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
CVE-2026-33598
PowerDNS DNSdist is affected by CVE-2026-33598: a cached crafted response can trigger an out-of-bounds read when Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. Multiple vendors/advisories (SUSE, Red Hat, Debian, Alpine, EUVD, NVD) document the flaw. The pro...
CVE-2026-33598 Out-of-bounds read in cache inspection via Lua
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
CVE-2026-33598
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...
PowerDNS DNSdist 缓冲区错误漏洞
PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a buffer error vulnerability. This vulnerability stems from custom Lua code that calls getDomainListByAddress or getAddressListByDomain...
PT-2026-34442
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A cached crafted response can cause an out-of-bounds read, which occurs when a program reads data outside the intended boundary of a buffer. This happens if cust...
EUVD-2018-11148
Malware in sbrugna...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fixed the potential deadlock issue. When some client process A calls pdraddlookup to add a lookup for the service and performs scheduling-related tasks, another process B receives a new server packet indicating th...
CVE-2018-19459
Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file...
AZL-59907 CVE-2025-22014 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...
AZL-59772 CVE-2025-22014 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...
UBUNTU-CVE-2025-22014
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...
Postfixadmin Protected Alias Deletion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Postfixadmin Protected Alias Deletion Vulnerability', 'Description' = %q Postfixadmin installations between 2.91 and 3.0.1 do not check if an adm...
Exploit for OS Command Injection in Php
PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...
Exploit for OS Command Injection in Php
PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...