CVE-2026-45585 Windows BitLocker Security Feature Bypass Vulnerability

21 Mei 2026 om 16:00

Added a script to implement a mitigation and removed the manual mitigations. Please read the information to decide if you need to run the provided script.

CVE-2026-43491 net: qrtr: ns: Limit the maximum server registration per node

Microsoft Security

21 Mei 2026 om 10:39

Information published.

CVE-2026-43970 Decompression Bomb in cow_spdy:inflate/2 Allows Memory Exhaustion via Crafted SPDY Frame

Microsoft Security

21 Mei 2026 om 10:03

Information published.

CVE-2026-45736 ws: Uninitialized memory disclosure

Microsoft Security

21 Mei 2026 om 10:03

Information published.

CVE-2026-45803 gh: GitHub Actions log output in `gh run view` allows terminal escape sequence injection

Microsoft Security

21 Mei 2026 om 10:03

Information published.

CVE-2026-44390 Unbounded name compression in certain cases causes degradation of service

Microsoft Security

21 Mei 2026 om 10:03

Information published.

CVE-2026-42944 Heap overflow with multiple NSID, COOKIE, PADDING EDNS options

Microsoft Security

21 Mei 2026 om 10:03

Information published.

CVE-2026-42923 Degradation of service with unbounded NSEC3 hash calculations

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-40622 Another 'ghost domain names' attack variant

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-42534 Jostle logic bypass degrades resolution performance

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-41292 Long list of incoming EDNS options degrades performance

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-33278 Possible arbitrary code execution during DNSSEC validation

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-44608 Use after free and crash under special conditions in RPZ code

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-42959 Crash during DNSSEC validation of malicious content

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-42960 Possible cache poisoning via promiscuous records for the authority section

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-32792 Packet of death with DNSCrypt

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-29518 Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write

Microsoft Security

21 Mei 2026 om 10:02

Information published.

CVE-2026-47783 In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.

Microsoft Security

21 Mei 2026 om 10:01

Information published.

CVE-2026-47784 In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.

Microsoft Security

21 Mei 2026 om 10:01

Information published.

CVE-2026-46333 ptrace: slightly saner 'get_dumpable()' logic

Microsoft Security

21 Mei 2026 om 10:01

Information published.

CVE-2026-45232 Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

Microsoft Security

21 Mei 2026 om 10:01

Information published.

CVE-2026-43617 Rsync < 3.4.3 Authorization Bypass via Hostname Resolution

Microsoft Security

21 Mei 2026 om 10:01

Information published.

CVE-2026-43620 Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files()

Microsoft Security

21 Mei 2026 om 10:01

Information published.

CVE-2026-43618 Rsync < 3.4.3 Integer Overflow Information Disclosure

Microsoft Security

21 Mei 2026 om 10:01

Information published.

CVE-2026-43619 Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls

Microsoft Security

21 Mei 2026 om 10:01

Information published.

Lees weergave