|
891
|
5.3 |
MEDIUM
Network
|
-
|
-
|
By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-33258
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
892
|
5.0 |
MEDIUM
Network
|
-
|
-
|
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur wi…
New
|
CWE-416
Use After Free
|
CVE-2026-33259
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
893
|
5.3 |
MEDIUM
Network
|
-
|
-
|
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-33260
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
894
|
5.9 |
MEDIUM
Network
|
-
|
-
|
A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service.
New
|
CWE-353
Missing Support for Integrity Check
|
CVE-2026-33261
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
895
|
5.9 |
MEDIUM
Network
|
-
|
-
|
An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default.
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-33262
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
896
|
4.4 |
MEDIUM
Network
|
-
|
-
|
An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-33600
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
897
|
4.4 |
MEDIUM
Network
|
-
|
-
|
If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to …
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-33601
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
898
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be…
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-6848
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
899
|
7.1 |
HIGH
Local
|
-
|
-
|
A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the `logs_dir` parameter. This allows the attacker to create…
New
|
CWE-22
Path Traversal
|
CVE-2026-6855
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
900
|
7.5 |
HIGH
Network
|
-
|
-
|
A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges could exploit this by …
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-6857
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
