Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016769 advisory. An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically...

Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016765)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016765 advisory. In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...

CVE-2026-44056

A flaw was found in Netatalk. A remote attacker with low privileges could exploit a stack buffer overflow vulnerability in the desktop.c component. This could lead to a denial of service DoS, making the service unavailable, and potentially result in limited information disclosure or integrity...

Ivanti Connect Secure - Stack-based Buffer Overflow

Ivanti Connect Secure 22.7R2.5, Ivanti Policy Secure 22.7R1.2, and Ivanti Neurons for ZTA gateways 22.7R2.3 contain a stack-based buffer overflow in the clientCapabilities parameter handling. This vulnerability allows remote unauthenticated attackers to execute arbitrary code through IF-T TLS...

CVE-2026-39461

The CVE-2026-39461 issue affects libcasper(3), which communicates with helper processes over UNIX domain sockets and uses select(2) to wait for data. The problem is that it does not verify that its socket descriptor fits within FD_SETSIZE (1024), potentially allowing an application that opens man...

CVE-2026-39461 select(2) file descriptor set overflow causes stack overflow

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

CVE-2026-45250

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-45250 Stack buffer overflow via setcred(2)

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-44056

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

CVE-2026-44048

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

CVE-2026-44056 Stack buffer overflow in desktop.c

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

CVE-2026-44056 Stack buffer overflow in desktop.c

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

CVE-2026-44048 Stack buffer overflow via UCS-2 type confusion in convert_charset()

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

EUVD-2026-31225

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

CVE-2026-44048 Stack buffer overflow via UCS-2 type confusion in convert_charset()

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

CVE-2026-44048

Netatalk 2.0.4–4.4.2 is affected by a stack-based buffer overflow due to UCS-2 type confusion in convert_charset(). Affected variants can allow a remote authenticated attacker to execute arbitrary code or cause a denial of service; the issue is fixed in Netatalk 4.4.3. Debian notes the vulnerabil...

CVE-2026-44048

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

Exploit for CVE-2026-45250

FreeBSD setcred2 — research artifacts This subdirectory col...

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. There were security vulnerabilities in Netatalk versions 1.3 through 4.2.2. These vulnerabilities stemmed from a stack buffer...

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.0.4 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from a confusion between UCS-2 typ...