34 matches found
CVE-2022-30257
The CVE-2022-30257 entry affects Technitium DNS Server (versions through 8.0.2). Concrete details from connected sources show a flaw where variant V1 allows unintended domain name resolution: a revoked domain name can remain resolvable for an extended period, including expired or taken-down domai...
Technitium DNS Server 安全漏洞
Technitium DNS Server is an open source authoritative and recursive DNS server from the Technitium team. It can be used to self-host DNS servers for privacy and security. A security vulnerability exists in Technitium DNS Server version 8.0.2, which stems from variant V2 that allows accidental...
Design/Logic Flaw
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30256
CVE-2022-30256 affects MaraDNS Deadwood up to version 3.5.0021, enabling variant V1 of unintended domain name resolution where a revoked domain can remain resolvable for long periods, including expired or taken-down domains. Impact is described as widespread and highly impactful and aligns with d...
GHSA-28P3-MCHR-9FRJ Deserialization of Untrusted Data in Jenkins
A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL...
UBUNTU-CVE-2022-24793
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. A security vulnerability exists in Mozilla Firefox that stems from allowing attackers to conduct user obfuscation or phishing attacks when resolving international domain names. No detailed vulnerability details...
MassDNS - A High-Performance DNS Stub Resolver For Bulk Lookups And Reconnaissance (Subdomain Enumeration)
MassDNS is a simple high-performance DNS stub resolver targetting those who seek to resolve a massive amount of domain names in the order of millions or even billions. Without special configuration, MassDNS is capable of resolving over 350,000 names per second using publicly available resolvers...
CloudBees Jenkins Deserialized URL Object Bypass Vulnerability
CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools . A deserialized URL object bypass vulnerability exists in the CloudBees Jenkins XStream2.java file, which can be exploited by an attacker to submit a special request that caus...
CVE-1999-1233
Product/affected component: IIS 4.0. Vulnerability description: The “Domain Resolution” issue occurs because access is not properly restricted for the initial session request from an IP address that does not resolve to a DNS domain. Root cause (as stated): Improper restriction of initial session ...
CVE-1999-1233
IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability...
CVE-1999-1233
IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability...