Lucene search
K

18652 matches found

Vulnrichment
Vulnrichment
added 2026/05/21 7:35 a.m.11 views

CVE-2026-7835 Format string argument mismatch

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS5.8AI score0.00294EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.11 views

CVE-2026-44068

Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names...

7.6CVSS5.8AI score0.00322EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.16 views

CVE-2026-44066

Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated attacker to obtain sensitive information or cause a minor service disruption...

7.1CVSS5.9AI score0.0029EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/21 7:34 a.m.7 views

CVE-2026-44056 Stack buffer overflow in desktop.c

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

6.4CVSS6.1AI score0.00253EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.6 views

CVE-2026-44056

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

6.4CVSS6.1AI score0.00253EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.10 views

CVE-2026-44056

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

6.4CVSS6.1AI score0.00253EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.8 views

CVE-2026-44055

A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code...

7.5CVSS6.1AI score0.0036EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.10 views

CVE-2026-44051

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation...

8.1CVSS6AI score0.00477EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/21 7:34 a.m.12 views

CVE-2026-44051 Arbitrary file read via attacker-controlled symlink creation

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation...

8.1CVSS6AI score0.00477EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.16 views

CVE-2026-44051

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation...

8.1CVSS6AI score0.00477EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.17 views

CVE-2026-44050

A heap-based buffer overflow in the CNID daemon commrcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service...

9.9CVSS6.4AI score0.00418EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/21 7:34 a.m.7 views

CVE-2026-44049 Out-of-bounds write in convert_charset() null termination

An out-of-bounds write due to improper null termination in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character data...

7.5CVSS6.2AI score0.00516EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.17 views

CVE-2026-44049

An out-of-bounds write due to improper null termination in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character data...

7.5CVSS6.2AI score0.00516EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Netatalk 格式化字符串错误漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.3 to 4.4.2 of Netatalk contain a vulnerability related to formatted string errors. This vulnerability arises from...

3.1CVSS5.8AI score0.00294EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.0.0 to 4.4.2 of Netatalk have security vulnerabilities. These vulnerabilities stem from improper handling of uppercase...

3.1CVSS5.8AI score0.00257EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42428

Name of the Vulnerable Software and Affected Versions Netatalk versions 1.5.0 through 4.4.2 Description Authentication modules fail to check the return value of the seteuid function. This may allow a remote authenticated attacker to retain elevated privileges under error conditions. Recommendatio...

5CVSS5.8AI score0.00277EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.11 views

PT-2026-42430

Name of the Vulnerable Software and Affected Versions Netatalk versions 3.0.3 through 4.4.2 Description A format string argument mismatch occurs when the software processes input incorrectly. This allows a remote authenticated attacker to cause a minor denial of service by providing crafted input...

3.1CVSS5.8AI score0.00294EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42418

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.4 through 4.4.2 Description A missing output length bounds check in the pull charset flags function allows a remote authenticated attacker to execute arbitrary code or cause a denial of service by sending crafted characte...

9.9CVSS6.2AI score0.00418EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42412

Name of the Vulnerable Software and Affected Versions Netatalk versions 3.1.4 through 4.4.2 Description A logic error involving bitwise OR operations allows a remote authenticated attacker to perform shell injection, enabling the execution of arbitrary OS commands. Recommendations Update to versi...

9.9CVSS6.1AI score0.00477EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42435

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...

3.1CVSS5.9AI score0.00186EPSS
Exploits0References2
Rows per page
Query Builder