48 matches found
nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item
Impact: A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...
GHSA-MW3Q-R9WH-H2FF nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item
Impact: A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...
PT-2026-42672
Name of the Vulnerable Software and Affected Versions: core-rs-albatross (affected versions not specified). Description: A remote, unauthenticated denial-of-service issue exists in the MerkleRadixTrie::put_chunk function. A malicious state-sync peer can cause a node to crash by responding to a...
PT-2026-42637
Impact: A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an out-of-bounds write in trie_get_next_key. The trie_get_next_key function allocates a node stack with a size of trie->max_prefixlen. However, it writes trie->max_prefixlen + 1 nodes to the stack when the stack is full. For...
CLSA-2026-1778004214 vim: Fix of 5 CVEs
CVE-2022-2124: fix out-of-bounds read in current_quote when searching for quotes goes over the end of the line (textobject.c, upstream patch 8.2.5120) - CVE-2022-2126: fix invalid index use in suggest_trie_walk when ts_fidx is zero (spellsuggest.c, upstream patch 8.2.5123) - CVE-2022-2207: fix read...
Netfoil has incorrect allowlist enforcement
Summary: Rules could be bypassed by changing the first character: example.com could be bypassed by e.g. fxample.com. Details: Off-by-one error in the suffixtrie implementation. Impact: The domain filter could be bypassed. Please note that DNS filtering alone is not enough to block malicious traff...
EUVD-2026-19235
A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.__setstate__ of the file src/datrie.pyx of the component trie File Handler. The manipulation results in deserialization. The attack can be launched remotely. The exploit has been mad...
CVE-2026-5659
A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.__setstate__ of the file src/datrie.pyx of the component trie File Handler. The manipulation results in deserialization. The attack can be launched remotely. The exploit has been mad...
CVE-2026-5659 pytries datrie trie File datrie.pyx Trie.__setstate__ deserialization
A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.__setstate__ of the file src/datrie.pyx of the component trie File Handler. The manipulation results in deserialization. The attack can be launched remotely. The exploit has been mad...
CVE-2026-5659
The CVE-2026-5659 entry affects pytries datrie up to 0.8.3. The vulnerable elements are Trie.load, Trie.read, and Trie.__setstate__ in src/datrie.pyx, with the described issue: deserialization leading to remote execution. The exploit is publicly disclosed and could be used. Connected sources consiste...
PT-2026-30602
A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.__setstate__ of the file src/datrie.pyx of the component trie File Handler. The manipulation results in deserialization. The attack can be launched remotely. The exploit has been ma...
Fedora 42 : bind9-next (2026-bcc66a29da)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-bcc66a29da advisory. Update to 9.21.20 rhbz2440560 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 - Fi...
SUSE CVE-2026-4174
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
EUVD-2026-12222
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
UBUNTU-CVE-2026-4174
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
CVE-2026-4174
A flaw was found in Radare2. A local attacker could exploit a vulnerability in the Mach-O File Parser component, specifically within the walk_exports_trie function. By manipulating this component, an attacker can cause excessive resource consumption, potentially leading to a Denial of Service (DoS). ...
CVE-2026-4174
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...