Lucene search
K

164 matches found

NVD
NVD
added 2026/06/30 1:19 p.m.11 views

CVE-2026-8655

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...

9.8CVSS0.0046EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 12:46 p.m.7 views

EUVD-2026-40308

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...

8.8CVSS5.8AI score0.0046EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 12:46 p.m.33 views

CVE-2026-8655

CVE-2026-8655 corresponds to multiple memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway that can cause unpredictable behavior and DoS when the appliance is used as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver. The NVD/NIST entry and multiple security advi...

9.8CVSS5.8AI score0.0046EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/06/30 12:46 p.m.40 views

CVE-2026-8655 Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...

8.8CVSS0.0046EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.14 views

PT-2026-53881

Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description Memory overflow issues occur when NetScaler ADC is configured as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver...

9.8CVSS6.2AI score0.0046EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.10 views

CVE-2026-0264

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

9.2CVSS6.2AI score0.00408EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/04 7:50 p.m.16 views

AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle

Summary This report covers the client-triggered DoQ forwarding path in: - dnsproxy v0.81.2 adguard/dnsproxy:v0.81.2 - AdGuard Home v0.107.74 adguard/adguardhome:latest, image version label v0.107.74 The issue was reproduced on 2026-04-25 with the products configured through their documented DoQ...

5.7AI score0.00047EPSS
Exploits0References3Affected Software2
Snyk
Snyk
added 2026/06/04 7:50 p.m.13 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization in the process that forwards DoQ queries to UDP upstreams, where the DNS transaction ID txid is not preserved and is always set to 0, reducing entropy in the backend tuple. An attacker can increase the likelihoo...

6.9CVSS5.5AI score0.00047EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/04 12:0 a.m.11 views

AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle

This report covers the client-triggered DoQ forwarding path in: - dnsproxy v0.81.2 adguard/dnsproxy:v0.81.2 - AdGuard Home v0.107.74 adguard/adguardhome:latest, image version label v0.107.74 The issue was reproduced on 2026-04-25 with the products configured through their documented DoQ listener...

5.8AI score0.00047EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/26 3:16 p.m.18 views

CVE-2026-46368

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

8.8CVSS0.06582EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/26 2:8 p.m.10 views

CVE-2026-46368

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

8.8CVSS6.1AI score0.06582EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/26 2:8 p.m.10 views

CVE-2026-46368 luci-app-https-dns-proxy Authenticated Command Injection via setInitAction

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

8.8CVSS6.1AI score0.06582EPSS
Exploits0References3
CVE
CVE
added 2026/05/26 2:8 p.m.53 views

CVE-2026-46368

CVE-2026-46368 affects the OpenWrt luci-app-https-dns-proxy package (not Core OpenWrt). The vulnerability is a command injection in setInitAction via a ubus RPC call; an authenticated user with the luci.https-dns-proxy ACL can inject shell metacharacters through the 'name' parameter, enabling arb...

8.8CVSS6.1AI score0.06582EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/26 2:8 p.m.39 views

CVE-2026-46368 luci-app-https-dns-proxy Authenticated Command Injection via setInitAction

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

8.8CVSS0.06582EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.25 views

PT-2026-43259

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

8.8CVSS6.1AI score0.06582EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in connman

A issue was discovered in the DNS proxy of Connman through version 1.40. The TCP server reply implementation creates an infinite loop if no data is received...

7.5CVSS7.4AI score0.02485EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/13 6:30 p.m.10 views

EUVD-2026-30065

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

9.2CVSS6.4AI score0.00408EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 6:16 p.m.13 views

CVE-2026-0264

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

9.2CVSS0.00408EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 5:40 p.m.7 views

CVE-2026-0264

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

9.2CVSS6.4AI score0.00408EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 5:40 p.m.8 views

CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

9.2CVSS6.4AI score0.00408EPSS
Exploits0References1
Rows per page
Query Builder