Lucene search
K

4431 matches found

Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.15 views

CVE-2026-0265 Vulnerability Assessment Tool

CVE-2026-0265 is a remote authentication bypass affecting PAN-OS and Panorama that triggers when an authentication profile uses Cloud Authentication Service CAS. This tool safely detects whether an instance is vulnerable without authenticating any session or modifying any state...

9.2CVSS5.8AI score0.0044EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.15 views

SUSE CVE-2026-44067

A heap over-read in extended attribute EA header parsing in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to obtain limited information or cause a minor service disruption via crafted EA data...

4.2CVSS5.8AI score0.00292EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.12 views

SUSE CVE-2026-44073

Authentication modules in Netatalk 1.5.0 through 4.4.2 fail to check the return value of seteuid, which may allow a remote authenticated attacker to retain elevated privileges under error conditions...

5CVSS5.8AI score0.00277EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.28 views

PT-2026-42823

Name of the Vulnerable Software and Affected Versions Amazon Braket SDK versions prior to 1.117.0 Description Insecure deserialization in the job results processing component may allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on...

7.5CVSS6.5AI score0.0038EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/05/21 1:5 p.m.15 views

CVE-2026-44057

A flaw was found in Netatalk. A dead bounds check in the Spotlight RPC unmarshaller may allow a remote authenticated attacker to obtain limited information. This vulnerability is triggered by sending crafted Spotlight RPC requests, leading to an information disclosure...

3.1CVSS5.8AI score0.00186EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:35 a.m.12 views

CVE-2026-7835

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS5.8AI score0.00294EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.15 views

CVE-2026-44067

A heap over-read in extended attribute EA header parsing in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to obtain limited information or cause a minor service disruption via crafted EA data...

4.2CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.11 views

CVE-2026-44062

A missing output length bounds check in pullcharsetflags in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character set data...

7.5CVSS6.2AI score0.00357EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.14 views

CVE-2026-44055

A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code...

7.5CVSS6.1AI score0.0036EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.14 views

CVE-2026-44054

Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...

6.5CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Netatalk 授权问题漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.2.2 to 4.4.2 of Netatalk contained vulnerabilities related to authorization. These vulnerabilities stemmed from...

7.2CVSS6AI score0.00532EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42406

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.4 through 4.4.2 Description A stack-based buffer overflow occurs due to UCS-2 type confusion within the convert charset function. This allows a remote authenticated attacker to execute arbitrary code or cause a denial of...

9.9CVSS6.5AI score0.00477EPSS
Exploits0References21
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk Inc., which provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.0 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from dead-end checks in the...

3.1CVSS5.9AI score0.00186EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.11 views

PT-2026-42411

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.0 through 4.4.2 Description Netatalk generates AFP session tokens derived from predictable process IDs. This allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...

6.5CVSS5.8AI score0.0028EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42426

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.0 through 4.4.2 Description An unbounded memory reallocation in the charset conversion code allows a remote authenticated attacker to cause a minor denial of service via crafted character conversion requests...

3.1CVSS5.9AI score0.00318EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 8:17 p.m.16 views

CVE-2026-8597

Missing integrity verification in the Triton inference handler in Amazon SageMaker Python SDK v2 before v2.257.2 and v3 before v3.8.0 might allow a remote authenticated actor to achieve code execution in inference containers via replacement of model artifacts in S3 with a specially crafted pickle...

7.2CVSS0.0039EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.8 views

Lenovo Personal Cloud Storage 操作系统命令注入漏洞

Lenovo Personal Cloud Storage is a personal cloud storage service provided by Lenovo Corporation. Lenovo Personal Cloud Storage has a vulnerability related to operating system command injection. This vulnerability stems from potential vulnerabilities, which may allow remote authenticated users to...

8.8CVSS6.1AI score0.00445EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 9:31 p.m.12 views

EUVD-2026-29820

Command injection vulnerabilities exist in the command line interface CLI service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying...

7.2CVSS6.1AI score0.00896EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU6 contained security vulnerabilities. These vulnerabilities stemmed from exposed dangerous methods on the core server, which could...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 9:31 p.m.9 views

EUVD-2026-29212

A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in authentication bypass using alternate channel. The attack is...

7.5CVSS6.8AI score0.00411EPSS
Exploits0References6
Rows per page
Query Builder