216 matches found
CVE-2026-56115
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
CVE-2026-56113
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...
CVE-2026-56114
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
CVE-2026-56115
The CVE-2026-56115 issue affects dhcpcd up to 10.3.2. A one-byte stack out-of-bounds write exists in dhcp6_makemessage() in src/dhcp6.c, triggered by serializing an oversized RFC6603 OPTION_PD_EXCLUDE body. An unauthenticated, same-link attacker can send a crafted DHCPv6 ADVERTISE message contain...
CVE-2026-56115 dhcpcd Stack Out-of-Bounds Write in dhcp6_makemessage()
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
EUVD-2026-38494
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
EUVD-2026-38492
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
CVE-2026-56114
CVE-2026-56114 affects dhcpcd up to 10.3.2; the issue is a one-byte stack out-of-bounds write in dhcp6_makemessage() caused by serializing an oversized RFC6603 OPTION_PD_EXCLUDE body in a crafted DHCPv6 ADVERTISE with IA_PD IAPREFIX /0. The vulnerability can allow an unauthenticated same-link att...
CVE-2026-56114 dhcpcd Stack Out-of-Bounds Write in dhcp6_makemessage()
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
CVE-2026-56113 dhcpcd Heap Use-After-Free in dhcp6_deprecateaddrs via DHCPv6 RENEW
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...
CVE-2026-56113
Summary of CVE-2026-56113 : The dhcpcd project (up to version 10.3.2) contains a heap use-after-free vulnerability in the DHCPv6 path. Specifically, in dhcp6_deprecateaddrs(), when processing a crafted DHCPv6 RENEW reply (using RFC6603 OPTION_PD_EXCLUDE) with both the preferred and valid lifetime...
openSUSE 16 Security Update : syft (openSUSE-SU-2026:20928-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20928-1 advisory. Changes in syft: - Update to version 1.45.0: Added Features - Add support for ZapAddOns as jar files 4654 4932 @douglasclarke - MySQL binary classifier...
GHSA-H64W-W9PR-82M4 ExifReader is vulnerable to denial of service via crafted ICC `mluc` tag
Impact When parsing an image with an embedded ICC profile that contains a crafted multiLocalizedUnicodeType mluc tag, ExifReader can be made to allocate memory proportional to attacker-controlled fields in the tag rather than to the actual size of the input. Processing such an image causes...
CVE-2026-8903
The Two-factor authentication formerly IP Vault plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing or incorrect nonce validation on the ipvsavechanges function. This makes it possible for unauthenticated attackers to...
CVE-2026-8903 Two-factor authentication (formerly IP Vault) <= 2.1 - Cross-Site Request Forgery to Settings Update
The Two-factor authentication formerly IP Vault plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing or incorrect nonce validation on the ipvsavechanges function. This makes it possible for unauthenticated attackers to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-016807)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016807 advisory. An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods QuerySet.filter, QuerySet.exclude, and QuerySet.get, and the class...
CVE-2026-4062
The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'objectids' and 'excludeobjectids' parameters in all versions up to, and including, 1.13.18. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existin...
CVE-2026-4062
The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'objectids' and 'excludeobjectids' parameters in all versions up to, and including, 1.13.18. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existin...
CVE-2026-4062
The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'objectids' and 'excludeobjectids' parameters in all versions up to, and including, 1.13.18. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existin...
CVE-2026-4062
The Geo Mashup plugin for WordPress (up to version 1.13.18) is vulnerable to a Time-Based SQL Injection via the object_ids and exclude_object_ids parameters. The root cause is insufficient escaping on user-supplied values: esc_sql() is ineffective in the unquoted IN(...) / NOT IN(...) SQL context...