6 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-14513
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the...
Improper Validation of Specified Quantity in Input
Overview resolv is a Thread-aware DNS resolver library in Ruby. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the getlabels function in the resolv.rb file. An attacker can cause excessive CPU resource consumption and make the applicatio...
UBUNTU-CVE-2025-24294
The attack vector is a potential Denial of Service DoS. The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses suc...
VulnCheck KEV: CVE-2024-3393
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter...
BSA-2022-1516
Security Advisory ID : BSA-2022-1516 Component : NGNIX Revision : 1.0 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
BSA-2017-449
Security Advisory ID : BSA-2017-449 Component : dnsmasq Revision : 2.0: Final A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code...