Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/10/21 11:18 p.m.5 views

CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.6CVSS6.7AI score0.0027EPSS
Exploits0References5
OSV
OSV
added 2021/03/02 5:15 p.m.3 views

CVE-2020-4719

The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861...

4.9CVSS5.9AI score0.00832EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/04/28 3:55 p.m.11 views

bind: TCP Pipelining doesn't limit TCP clients on a single connection

A flaw was found in the way bind limited the number of TCP clients that can be connected at any given time. A remote attacker could use one TCP client to send a large number of DNS requests over a single connection, causing exhaustion of the pool of file descriptors available to named, and...

7.5CVSS7.1AI score0.04022EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2008/10/21 2:54 p.m.4 views

ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...

5.8CVSS6.8AI score0.02415EPSS
Exploits2References4
Rows per page
Query Builder