25 matches found
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google has announced the integration of a Rust-based Domain Name System DNS parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. "The new Rust-based DNS parser significantly reduces our...
CVE-2026-32945
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
PT-2026-26552
Name of the Vulnerable Software and Affected Versions PJSIP versions 2.16 and below Description PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a Heap-based Buffer Overflow in the DNS parser's name length handler. This impacts...
EUVD-2017-4513
Malware in sbrugna...
EUVD-2017-5842
Malware in sbrugna...
EUVD-2014-3980
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-12995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- domain.c:nsprint. CVE-2017-12995 Note that Nessus relies on the...
SUSE CVE-2014-3597
Multiple buffer overflows in the phpparserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted DNS record, related to the dnsgetrecord function and the...
SUSE CVE-2016-7993
A bug in util-print.c:reltsprint in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM...
SUSE CVE-2017-12995
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:nsprint...
php: memcpy with negative length via crafted DNS response
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...
openSUSE Security Update : tcpdump (openSUSE-2017-1205)
This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...
Code injection
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:nsprint...
CVE-2017-12995
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:nsprint...
CVE-2017-12995
CVE-2017-12995 affects tcpdump’s DNS parser. A bug in print-domain.c:ns_print() could cause an infinite loop when parsing certain DNS data. The issue is fixed in tcpdump version 4.9.2; remediation is to upgrade to 4.9.2 or later. Other related advisories in connected documents confirm tcpdump vul...