618 matches found
CVE-2026-6970
Summary: CVE-2026-6970 affects authd prior to 0.6.4 and describes a logic error in primary group ID (GID) assignment. If a user’s GID differs from their UID (either from pre-0.5.4 account creation or via authctl group set-gid) and the identity provider record is updated, authd resets the primary ...
PT-2026-35449
Name of the Vulnerable Software and Affected Versions authd versions prior to 0.6.4 Description A logic error exists in the primary group ID assignment. When a user's primary group ID GID differs from their user ID UID—occurring if the account was created with versions prior to 0.5.4 or if the...
CVE-2026-33610
A flaw was found in PowerDNS. A remote attacker, operating as a rogue primary server, can exploit this vulnerability by sending a malicious DNS update request to a PowerDNS secondary server. This can lead to the exhaustion of file descriptors on the secondary server. Consequently, the PowerDNS...
SUSE CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
GHSA-4948-F92Q-F432 @nocobase/database has SQL Injection via String Concatenation through Recursive Eager Loading
Summary The queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using parameterized queries. The nodeIds array contains primary key values read from database rows. An attacker who can create a record with a...
EUVD-2026-24949
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
DEBIAN-CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
UBUNTU-CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
CVE-2026-33610 Possible file descriptor exhaustion in forward-dnsupdate
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
CVE-2026-33610
The CVE describes a denial-of-service risk in PowerDNS: a rogue primary server can exhaust file descriptors when a PowerDNS secondary forwards a DNS update request to it. This is triggered in the forward-dnsupdate path, leading to an eventual DoS on the affected system. Connected advisories (OSV/...
CVE-2026-33610 Possible file descriptor exhaustion in forward-dnsupdate
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
PT-2026-34447
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
PT-2026-34609
Name of the Vulnerable Software and Affected Versions @nocobase/database versions prior to 2.0.39 Description An issue exists in the queryParentSQL function within the core database package where a recursive CTE query is constructed by joining nodeIds using string concatenation instead of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013534)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013534 advisory. In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010954)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010954 advisory. In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet...