Lucene search
K

429 matches found

OSV
OSV
added 2026/06/30 9:24 a.m.2 views

SUSE-SU-2026:2700-1 Security update for cifs-utils

This update for cifs-utils fixes the following issue - CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 9:21 a.m.3 views

SUSE-SU-2026:2699-1 Security update for cifs-utils

This update for cifs-utils fixes the following issue - CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References3
NVD
NVD
added 2026/06/28 5:16 a.m.12 views

CVE-2026-10646

Zephyr's BSD-sockets getaddrinfo implementation subsys/net/lib/sockets/getaddrinfo.c passes a pointer to a stack-allocated state object struct getaddrinfostate aistate as the userdata of an asynchronous DNS resolver query. The socket layer waits on a semaphore with a timeout deliberately set...

7.4CVSS0.00269EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/25 12:22 p.m.5 views

EUVD-2026-39347

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in glibc

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library’s DNS backend can lead to a situation where a zero-valued network is queried during operations in the GNU C Library versions 2.0 to 2.42. This could result in leaking stack contents to the configured...

7.5CVSS7.1AI score0.00564EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in glibc

A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nssgethostbyname2r and nssgetcanonnamer hooks without...

5.9CVSS6.6AI score0.01439EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in glibc

NSCD: Stack-based buffer overflow in netgroup cache If the fixed-size cache of the Name Service Cache Daemon nscd is exhausted due to client requests, then a subsequent client request for netgroup data may lead to a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cach...

8.1CVSS7.2AI score0.0131EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 4:16 a.m.16 views

CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS0.0012EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/18 3:34 a.m.24 views

CVE-2026-12505 Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS0.0012EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/18 3:34 a.m.12 views

CVE-2026-12505 Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/18 3:34 a.m.14 views

EUVD-2026-37834

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/18 3:34 a.m.7 views

CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS6.1AI score0.0012EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-50619

Name of the Vulnerable Software and Affected Versions cifs-utils affected versions not specified Description A flaw exists in the cifs.upcall helper that fails to securely drop root privileges before performing user information lookups within a user-controlled environment. A local, low-privileged...

7.8CVSS6.1AI score0.0012EPSS
Exploits0References26
EUVD
EUVD
added 2026/06/08 7:34 a.m.11 views

EUVD-2026-35033

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

7.5CVSS5.4AI score0.02669EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/08 7:34 a.m.7 views

CVE-2026-3238

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

7.5CVSS5.4AI score0.02669EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Samba 代码问题漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a code vulnerability that stems from the WINS protocol handler, which fails to properly validate incoming packets when operating as an Active Directory domain controller. This allows...

7.5CVSS5.5AI score0.02669EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

RHEL 9 : bind (RHSA-2026:24367)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24367 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

7.5CVSS5.6AI score0.0181EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/29 8:13 p.m.19 views

zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion

Impact DNSIncoming.logexceptiondebug and the four QuietLogger exception-dedup methods stored an unbounded seenlogs dict keyed by strsys.excinfo1. The seven IncomingDecodeError messages raised from readname / decodelabelsatoffset RFC 6762 §18 name-decoding error paths all embed self.source — the...

5.8AI score0.0002EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-45026

Impact DNSCache. async add inserted every response record into cache, expirations, expire heap, and service cache with no cap on entry count. The only pre-existing protection was a PTR TTL floor DNS PTR MIN TTL = 1125 s, RFC 6762 §10, which actually prolonged attacker-injected records, and a...

6.5CVSS5.8AI score0.00023EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.17 views

PT-2026-45024

Impact DNSIncoming. decode labels at offset recurses once per DNS-name compression pointer RFC 1035 §4.1.4. Pointer cycles and label counts were capped, but the chain length of unique forward pointers was not. A single 3 kB mDNS packet carrying 1500 chained pointers drives the recursion past...

6.5CVSS5.8AI score0.0002EPSS
Exploits0References16
Rows per page
Query Builder