SUSE CVE-2026-45673

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entrop...

EUVD-2026-26071

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...

CVE-2026-28810

CVE-2026-28810 affects the Erlang/OTP kernel built-in DNS resolver (inet_res) and its inet_db module. The issue arises from a 16-bit, process-global transaction ID used for UDP queries and the absence of source port randomization, making DNS responses vulnerable to spoofing and cache poisoning wh...

Huawei EulerOS: Security Advisory for avahi (EulerOS-SA-2026-1301)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2026-2966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS...

CVE-2026-2966 Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

CVE-2026-2966

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

CVE-2026-2966

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

CVE-2010-0362

Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses...

CVE-2022-33988

dproxy-nexgen aka dproxy nexgen re-uses the DNS transaction id TXID value from client queries, which allows attackers able to send queries to the resolver to conduct DNS cache-poisoning attacks because the TXID value is known to the attacker...

EUVD-2021-12569

Malware in sbrugna...

EUVD-2008-1155

Malware in sbrugna...

EUVD-2007-3144

Malware in sbrugna...

EUVD-2008-1157

Malware in sbrugna...

EUVD-2024-46029

Malicious code in bioql PyPI...

EUVD-2022-37021

Malicious code in bioql PyPI...

EUVD-2025-21730

Malicious code in bioql PyPI...

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet ECS must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

CVE-2025-5994

A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...

CVE-2025-5994

CVE-2025-5994 describes a rebirthday cache-poisoning risk in ECS-enabled caching resolvers. Affected product: Unbound (if built with ECS support and configured to send ECS data upstream). Root cause: need to segregate outgoing queries by ECS info; otherwise an attacker could exploit DNS transacti...