EUVD-2026-23378

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacke...

PT-2026-33433

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with...

CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

CVE-2026-22866

Ethereum Name Service ENS is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check...

CVE-2025-43934

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of...

CVE-2025-43909

Dell PowerProtect Data Domain (DD OS) versions 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 contain a vulnerability in the DD boost component due to use of a broken or risky cryptographic algorithm. An unauthenticated, remote attacker could exploit...

EUVD-2025-28080

Malicious code in bioql PyPI...

Blind Eagle's Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government acros...

Mubit Powered BLUE 870 路径遍历漏洞

Mubit Powered BLUE 870 is a DNS server from Mubit Japan. A path traversal vulnerability exists in Mubit Powered BLUE 870 version 0.20130927 and earlier, which stems from path traversal and could lead to arbitrary file disclosure...

The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems allows a perpetrator to execute arbitrary commands.

The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow attackers to execute arbitrary commands...

MAL-2025-5425 Malicious code in jun-xss-payload (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fcb0bad0a9a4d062fb4b4b42ac803616eb78ce2cee23746dfc3636d0909ee918 Any computer that has this package installed or running should be considered...

Aardvark-dns 资源管理错误漏洞

Aardvark-dns is a dns server from Containers open source. Aardvark-dns versions 1.12.0 and 1.12.1 have a resource management error vulnerability that stems from serial processing of TCP DNS queries, which can lead to a denial of service by Containers...

SUSE CVE-1999-0184

When compiled with the -DALLOWUPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records...

Microsoft Windows DNS 安全漏洞

Microsoft Windows DNS is a domain name resolution service from Microsoft. The Domain Name System DNS is one of the industry-standard suite of protocols that encompasses TCP/IP, and DNS clients and DNS servers work together to provide name resolution services for computers and users that map...

The vulnerability of the Windows operating system’s DNS server, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Windows operating system’s DNS server relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted DNS request...

EMC Data Domain OS Arbitrary Account Hijacking Vulnerability

EMC Data Domain systems are data protection storage solutions. EMC Data Domain OS stores the session identifier of the GUI user in a globally readable file, which can be exploited by a local user to hijack arbitrary accounts...

CVE-2016-0910

EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via unspecified vectors...