Lucene search
+L

227 matches found

OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-93d7b9a5d5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.8AI score0.00319EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.3 views

Fedora 42 : unbound (2025-93d7b9a5d5)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-93d7b9a5d5 advisory. Fix CVE-2025-11411 possible domain hijacking attack, reported by Yuxiao Wu, Yunyi Zhang, Baojun Liu and Haixin Duan from Tsinghua University. Tenable has...

7.1CVSS6.6AI score0.00319EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/10/27 12:0 a.m.6 views

Unbound DNS Resolver < 1.24.2 Domain Hijacking Vulnerabilities

Unbound DNS Resolver is prone to a domain hijacking vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.1CVSS6.2AI score0.00319EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/10/24 8:1 a.m.8 views

Possible domain hijacking via promiscuous records in the authority section

...

7.1CVSS7AI score0.00319EPSS
Exploits0
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.6 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. A security vulnerability exists in NLnet Labs Unbound version 1.24.0 and earlier, which stems from an uncleaned set of unsolicited NS records and could lead to a domain hijacking attack...

7.1CVSS6AI score0.00319EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-30452

Malicious code in bioql PyPI...

9.6CVSS8.6AI score0.03261EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-6157

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00335EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2023-1120

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00702EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/30 12:0 a.m.4 views

NewStart CGSL MAIN 6.06 : c-ares Vulnerability (NS-SA-2025-0226)

The remote NewStart CGSL host, running version MAIN 6.06, has c-ares packages installed that are affected by a vulnerability: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 6:2 a.m.5 views

CVE-2023-28109

Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use play-with-docker.com as an example and set the origin header in an http request as evil-play-with-docker.com. The...

6.5CVSS6.8AI score0.00702EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0072: nodejs:14 (ALINUX3-SA-2021:0072)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0072 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-22930: RESERVED This candidate ha...

9.8CVSS7.5AI score0.37286EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.52 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases / c-ares / pgbouncer (CVE-2021-3672)

The version of CBL-Mariner Releases / c-ares / pgbouncer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3672 advisory. - A flaw was found in c-ares library, where a missing input validation check...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/05 12:0 a.m.16 views

CVE-2024-57174

A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access...

0.00335EPSS
Exploits0References2
OSV
OSV
added 2024/12/16 2:5 p.m.15 views

BIT-NODE-MIN-2021-22931

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames leading to Domain Hijacking and injection...

9.8CVSS10AI score0.21952EPSS
Exploits1References10
OSV
OSV
added 2024/12/16 2:4 p.m.14 views

BIT-NODE-MIN-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

6.8CVSS6.4AI score0.02617EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2024/10/02 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-7047-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.02619EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.21 views

Ubuntu 20.04 LTS : Knot Resolver vulnerabilities (USN-7047-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7047-1 advisory. Vladimr unt discovered that Knot Resolver incorrectly handled input during DNSSEC validation. A remote attacker could possibly use this issue to bypass...

7.5CVSS7AI score0.02619EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/09/10 12:0 a.m.19 views

NewStart CGSL MAIN 6.02 : c-ares Multiple Vulnerabilities (NS-SA-2024-0066)

The remote NewStart CGSL host, running version MAIN 6.02, has c-ares packages installed that are affected by multiple vulnerabilities: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnam...

7.5CVSS6.9AI score0.02617EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2024/08/01 2:10 p.m.43 views

Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique

Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system DNS, is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/07/31 12:6 p.m.16 views

Don’t Let Your Domain Name Become a “Sitting Duck”

More than a million domain names -- including many registered by Fortune 100 firms and brand protection companies -- are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image:...

7.4AI score
Exploits0
Rows per page
Query Builder