161929 matches found
CVE-2026-42388
Incomplete validation of the SOA record present in a catalog zone might lead to a crash...
CVE-2026-42390
An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation...
CVE-2026-42387
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...
CVE-2026-42389
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-57536
CVE-2026-57536 affects the pretix-mollie payment integration, where payment status responses are not properly validated. An attacker could reuse a successful payment status from one payment and apply it to a different payment, potentially gaining access to multiple valid tickets with a single pay...
EUVD-2026-39414
Our payment integration with Oppwa-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one...
CVE-2026-13222
The CVE-2026-13222 entry concerns the pretix-oppwa payment integration, where insufficient validation of payment status responses allows reusing a valid payment status across different payments. This could enable an attacker to gain access to multiple valid tickets tied to a single payment. Affec...
CVE-2026-13222 Insufficient validation of payment status in pretix-oppwa
Our payment integration with Oppwa-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one...
CVE-2026-13223
Affected component: pretix with Computop-based payment methods. Root cause: insufficient validation of payment status responses. Impact: an attacker could reuse a successful status for one payment to complete a different payment, gaining access to multiple valid tickets from a single payment. Thi...
CVE-2026-13223 Insufficient validation of payment status in pretix-computop
Our payment integration with Computop-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one...
EUVD-2026-39411
Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage...
CVE-2026-6432
The CVE-2026-6432 entry concerns EmberZNet SDK versions 9.0.2 and earlier, with a root cause of improper bounds validation. This can lead to crashes or dynamic memory leakage. The available documents do not specify additional details such as affected products beyond EmberZNet SDK, release version...
CVE-2026-6432 Improper bounds validation in EmberZNet SDK
Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage...
EUVD-2026-39355
Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass...
CVE-2026-46734
Dell DDPM Mac is affected by CVE-2026-46734: an Improper Certificate Validation in DDPM Mac versions prior to 2.3. The issue allows a local, low-privilege attacker (requires user interaction) to bypass protections, with potential impact on confidentiality, integrity, and availability (CVSSv3.1: 7...
CVE-2026-46734
Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass...
EUVD-2026-39388
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-42389
CVE-2026-42389 fixes an issue by adding extra hardening in the 5.4.x branch through enhanced validation of incoming answers from authoritative servers (no exploited details provided in the documents).
CVE-2026-42389 Reject more queries with invalid header values
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
EUVD-2026-39360
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...