CVE-2026-39831

The Verify method for FIDO/U2F security key types [email protected], [email protected] did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior,...

Astra Linux - уязвимость в slapi-nis

A flaw was discovered in slapi-nis in versions prior to 0.56.7. A NULL pointer dereferencing during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The greatest threat from this vulnerability is to system availability...

UBUNTU-CVE-2026-5358

The obsolete nislocalprincipal function in the GNU C Library version...

DEBIAN-CVE-2026-5358

The obsolete nislocalprincipal function in the GNU C Library version 2.43 and older may overflow a buffer in the data section, which could allow an attacker to spoof a crafted response to a UDP request generated by this function and overwrite neighboring static data in the requesting application...

Linux Distros Unpatched Vulnerability : CVE-2026-5358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The obsolete nislocalprincipal function in the GNU C Library version 2.43 and older may overflow a buffer in the data section, which could allow an attacker to...

CVE-2026-5928

CVE-2026-5928 affects glibc’s ungetwc on FILE streams with wide characters where overlaps between single-byte and multi-byte encodings occur, in version 2.43 or earlier. A bug in the wide character pushback (_IO_wdefault_pbackfail) causes ungetwc() to operate on the regular input buffer (fp->_...

CVE-2026-5358

The CVE affects the GNU C Library (glibc) up to version 2.43, where the obsolete nis_local_principal function can overflow a buffer in the data section. This may allow an attacker to spoof a crafted UDP response and overwrite neighboring static data in the requesting application. NIS support is d...

CVE-2026-5358

Removed by vendor...

CVE-2026-5358

...

CVE-2026-5358

...

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a buffer overflow in the nislocalprincipal function,...

PT-2026-33850

Name of the Vulnerable Software and Affected Versions glibc versions prior to 2.44 Description The obsolete nis local principal function may overflow a buffer in the data section. This allows an attacker to spoof a crafted response to a UDP request generated by this function and overwrite...

EUVD-2026-17544

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

CVE-2026-30283

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

CVE-2026-30283

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

CVE-2026-30283

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

CVE-2019-25380

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script. The vulnerability enables attackers to inject JavaScript via posted parameters (e.g., BOOT_SERVER, BOOT_FILE, BOOT_ROOT, START_ADDR, END_ADDR, DNS1, DNS2, NTP1,...

MiracleLinux 7 : slapi-nis-0.56.5-4.el7 (AXSA:2021-1758:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1758:02 advisory. slapi-nis: NULL dereference DoS with specially crafted Binding DN CVE-2021-3480 Tenable has extracted the preceding description block directly from the...

CVE-1999-0797

NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries...

CVE-1999-0522

The permissions for a system-critical NIS+ table e.g. passwd are inappropriate...