Lucene search
K

36 matches found

NVD
NVD
added 2026/06/16 6:16 a.m.11 views

CVE-2026-10635

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS0.00164EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/16 5:19 a.m.33 views

CVE-2026-10635 Dangling memory-domain pointer (use-after-free) in Xtensa MMU page-table code on memory-domain de-init

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS0.00164EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/01 4:2 p.m.9 views

CVE-2026-10123

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blockeddomain/permitteddomain/blockeddomainlist/permitteddomainlist results in stack-based buffer overflow. It...

9CVSS6.2AI score0.00472EPSS
Exploits0References1
CVE
CVE
added 2026/05/30 3:30 p.m.21 views

CVE-2026-10123

TRENDnet TEW-432BRP 3.10B20 is affected by CVE-2026-10123 in the formSetDomainFilter handler (/goform/formSetDomainFilter). The issue is a stack-based buffer overflow triggered by manipulating arguments such as blocked_domain, permitted_domain, blocked_domain_list, or permitted_domain_list, with ...

9CVSS7.8AI score0.00472EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/23 1:24 a.m.9 views

SUSE CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

9.1CVSS5.8AI score0.01073EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/22 1:46 p.m.26 views

CVE-2026-33598 Out-of-bounds read in cache inspection via Lua

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

4.8CVSS0.01073EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 1:46 p.m.13 views

CVE-2026-33598

PowerDNS DNSdist is affected by CVE-2026-33598: a cached crafted response can trigger an out-of-bounds read when Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. Multiple vendors/advisories (SUSE, Red Hat, Debian, Alpine, EUVD, NVD) document the flaw. The pro...

9.1CVSS5.8AI score0.01073EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/22 1:46 p.m.6 views

CVE-2026-33598 Out-of-bounds read in cache inspection via Lua

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

4.8CVSS5.8AI score0.01073EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/22 1:46 p.m.4 views

CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

9.1CVSS5.8AI score0.01073EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

PowerDNS DNSdist 缓冲区错误漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a buffer error vulnerability. This vulnerability stems from custom Lua code that calls getDomainListByAddress or getAddressListByDomain...

9.1CVSS6AI score0.01073EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-34442

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A cached crafted response can cause an out-of-bounds read, which occurs when a program reads data outside the intended boundary of a buffer. This happens if cust...

9.1CVSS5.2AI score0.01073EPSS
Exploits0References48
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2018-11148

Malware in sbrugna...

7.8CVSS7.7AI score0.04002EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fixed the potential deadlock issue. When some client process A calls pdraddlookup to add a lookup for the service and performs scheduling-related tasks, another process B receives a new server packet indicating th...

5.5CVSS6.3AI score0.00141EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 8:14 a.m.3 views

CVE-2018-19459

Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file...

7.8CVSS7AI score0.04002EPSS
Exploits1References1
OSV
OSV
added 2025/04/08 9:15 a.m.9 views

AZL-59907 CVE-2025-22014 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...

5.5CVSS6.6AI score0.00141EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 9:15 a.m.12 views

AZL-59772 CVE-2025-22014 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...

5.5CVSS6.6AI score0.00141EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 9:15 a.m.8 views

UBUNTU-CVE-2025-22014

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...

5.5CVSS6.1AI score0.00141EPSS
Exploits0References39
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.343 views

Postfixadmin Protected Alias Deletion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Postfixadmin Protected Alias Deletion Vulnerability', 'Description' = %q Postfixadmin installations between 2.91 and 3.0.1 do not check if an adm...

3.5CVSS7AI score0.14953EPSS
Exploits2
GithubExploit
GithubExploit
added 2024/06/08 12:23 p.m.600 views

Exploit for OS Command Injection in Php

PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...

9.8CVSS9.6AI score0.99987EPSS
Exploits64
GithubExploit
GithubExploit
added 2024/06/08 12:23 p.m.589 views

Exploit for OS Command Injection in Php

PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...

9.8CVSS9.6AI score0.99987EPSS
Exploits64
Rows per page
Query Builder