146 matches found
Information disclosure
Information disclosure in modem due to buffer over read in dns client due to missing length check...
CVE-2022-25732
CVE-2022-25732 is a buffer over-read in the modem’s DNS client due to a missing length check, exposing information from the modem memory. Multiple connected sources confirm: affected component is the modem’s DNS client; root cause is lack of length validation leading to information disclosure; im...
CVE-2022-25732 Buffer Over-read in MODEM
Information disclosure in modem due to buffer over read in dns client due to missing length check...
CVE-2022-25732 Buffer Over-read in MODEM
Information disclosure in modem due to buffer over read in dns client due to missing length check...
PT-2023-8454
Name of the Vulnerable Software and Affected Versions systemd-resolved affected versions not specified Description The issue is related to insufficient authentication checks of messages from DNS clients in the systemd-resolved service, which manages network connections and domain name resolutions...
[SECURITY] Fedora 36 Update: golang-github-cpu-goacmedns-0.1.1-6.fc36
A Go library to handle acme-dns client communication and persistent account storage...
Mageia: Security Advisory (MGASA-2014-0189)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-36349
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts...
CVE-2021-36349
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts...
Design/Logic Flaw
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...
CVE-2020-25926
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...
CVE-2020-25926
Summary of CVE-2020-25926 (INFRA:HALT) in HCC Embedded/NicheStack: The DNS client in InterNiche NicheStack TCP/IP (pre-4.3) suffers from insufficient entropy in DNS transaction IDs, enabling remote DNS cache poisoning via specially crafted responses. The related ICS/National advisories enumerate ...
HCC Embedded InterNiche Security Feature Issue Vulnerability
HCC Embedded InterNiche is a newsletter software. A security vulnerability exists in HCC Embedded InterNiche that stems from a DNS client not setting enough random transaction ids in the DNSv4 component.An attacker can exploit this vulnerability to pass specially crafted inputs to the application...
Code injection
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions = V0.5.0.0 V1.0.0.0, TALON TC Compact BACnet All versions V3.5.5, TALON TC Modular BACnet All versions V3.5.5. The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the D...
CVE-2016-20009
A DNS client stack-based buffer overflow in ipdnscdecodename affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Stack overflow
A DNS client stack-based buffer overflow in ipdnscdecodename affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2016-20009
A DNS client stack-based buffer overflow in ipdnscdecodename affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2016-20009
Vulnerability: Wind River VxWorks 6.5–7 is affected by a DNS client stack-based buffer overflow in ipdnsc_decode_name(). The Red Hat/NVD-derived entries, CNVD, PRION, and PT Security notes confirm the issue affects Wind River VxWorks versions 6.5 through 7 and describe an out-of-bounds write in t...
CVE-2020-17470
An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs they are always set to 1 in fnetdnspoll in fnetdns.c. This significantly simplifies DNS cache poisoning attacks...
Code injection
An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs they are always set to 1 in fnetdnspoll in fnetdns.c. This significantly simplifies DNS cache poisoning attacks...