Lucene search
K

618 matches found

CVE
CVE
added 2026/04/27 3:28 p.m.24 views

CVE-2026-6970

Summary: CVE-2026-6970 affects authd prior to 0.6.4 and describes a logic error in primary group ID (GID) assignment. If a user’s GID differs from their UID (either from pre-0.5.4 account creation or via authctl group set-gid) and the identity provider record is updated, authd resets the primary ...

7.3CVSS5.2AI score0.0011EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.10 views

PT-2026-35449

Name of the Vulnerable Software and Affected Versions authd versions prior to 0.6.4 Description A logic error exists in the primary group ID assignment. When a user's primary group ID GID differs from their user ID UID—occurring if the account was created with versions prior to 0.5.4 or if the...

7.3CVSS5.8AI score0.0011EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/04/25 10:54 a.m.6 views

CVE-2026-33610

A flaw was found in PowerDNS. A remote attacker, operating as a rogue primary server, can exploit this vulnerability by sending a malicious DNS update request to a PowerDNS secondary server. This can lead to the exhaustion of file descriptors on the secondary server. Consequently, the PowerDNS...

7.5CVSS5.5AI score0.00393EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/23 1:24 a.m.5 views

SUSE CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References3
OSV
OSV
added 2026/04/22 8:9 p.m.7 views

GHSA-4948-F92Q-F432 @nocobase/database has SQL Injection via String Concatenation through Recursive Eager Loading

Summary The queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using parameterized queries. The nodeIds array contains primary key values read from database rows. An attacker who can create a record with a...

7.5CVSS5.9AI score0.01875EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/22 3:31 p.m.7 views

EUVD-2026-24949

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

5.9CVSS5.8AI score0.00393EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 2:16 p.m.5 views

CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS0.00393EPSS
Exploits0References1
OSV
OSV
added 2026/04/22 2:16 p.m.6 views

DEBIAN-CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS5.3AI score0.00393EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/22 2:16 p.m.5 views

CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 2:16 p.m.3 views

UBUNTU-CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 2:0 p.m.3 views

CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

5.9CVSS5.8AI score0.00393EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/22 2:0 p.m.3 views

CVE-2026-33610 Possible file descriptor exhaustion in forward-dnsupdate

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

5.9CVSS5.8AI score0.00393EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 2:0 p.m.23 views

CVE-2026-33610

The CVE describes a denial-of-service risk in PowerDNS: a rogue primary server can exhaust file descriptors when a PowerDNS secondary forwards a DNS update request to it. This is triggered in the forward-dnsupdate path, leading to an eventual DoS on the affected system. Connected advisories (OSV/...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/22 2:0 p.m.28 views

CVE-2026-33610 Possible file descriptor exhaustion in forward-dnsupdate

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

5.9CVSS0.00393EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/22 2:0 p.m.4 views

CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS5.3AI score0.00393EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/22 2:0 p.m.2 views

CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS5.8AI score0.00393EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-34447

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

5.9CVSS5.8AI score0.00393EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.28 views

PT-2026-34609

Name of the Vulnerable Software and Affected Versions @nocobase/database versions prior to 2.0.39 Description An issue exists in the queryParentSQL function within the core database package where a recursive CTE query is constructed by joining nodeIds using string concatenation instead of...

8.8CVSS6.1AI score0.01875EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.8 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013534)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013534 advisory. In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet...

5.5AI score0.0018EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010954)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010954 advisory. In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet...

5.8AI score0.0018EPSS
Exploits0References4
Rows per page
Query Builder