Lucene search
K

373 matches found

OSV
OSV
added 6 days ago3 views

MAL-2026-6782 Malicious code in @marketfront/header (npm)

The @marketfront/header package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.3AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/29 1:50 p.m.7 views

CVE-2026-12246

A flaw was found in NSD. A remote attacker, operating as a configured primary DNS server in a multi-tenant secondary DNS deployment, could exploit a bug involving specially crafted Address Prefix List APL resource records. By providing an APL record with an adflength larger than permitted, the...

8.1CVSS6.5AI score0.00265EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/29 1:50 p.m.7 views

CVE-2026-12245

A flaw was found in NSD. When NSD is configured with DNS over TLS DoT, a remote attacker can exploit a vulnerability by performing a TLS action and then prematurely closing the connection. This action causes the server process to crash and restart. By repeatedly exploiting this flaw, an attacker...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/29 1:50 p.m.6 views

CVE-2026-12244

A flaw was found in nsd. When nsd is configured as a secondary server for a zone, a remote attacker, acting as the primary server for that zone, can send a specially crafted DNS message within an AXFR Asynchronous Full Zone Transfer request. This message, containing a malformed SVCB Service Bindi...

8.8CVSS6.2AI score0.00303EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack wh...

8.1CVSS5.8AI score0.00265EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39182

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score0.00303EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39184

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

7.2CVSS5.9AI score0.00265EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 7:16 a.m.10 views

CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS0.00265EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 7:16 a.m.9 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 5:24 a.m.32 views

CVE-2026-12246 Out of bounds stack write with crafted APL RR

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

7.2CVSS0.00265EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 5:24 a.m.6 views

CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS5.8AI score0.00265EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 5:24 a.m.32 views

CVE-2026-12245 Denial of DNS over TLS service by any DoT client

NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response...

8.7CVSS0.00274EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 5:24 a.m.6 views

CVE-2026-12245

NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response...

8.7CVSS5.8AI score0.00274EPSS
Exploits0
CVE
CVE
added 2026/06/25 5:24 a.m.10 views

CVE-2026-12244

NSD (the DNS server) is affected when configured as a secondary for a zone. A primary can crash NSD by sending an AXFR containing a DNS message with a specially crafted SVCB RR whose rdata size is 65512, which causes an (uint16_t) length to overflow while allocating space for the RR wrap (total s...

8.8CVSS5.9AI score0.00303EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 5:24 a.m.6 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score0.00303EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 5:24 a.m.7 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS5.9AI score0.00303EPSS
Exploits0
OSV
OSV
added 2026/06/23 2:17 p.m.5 views

DEBIAN-CVE-2026-12969

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS5.9AI score0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 1:28 p.m.10 views

EUVD-2026-38449

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS6AI score0.0025EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 1:28 p.m.34 views

CVE-2026-12969 Dnsmasq: dnsmasq: out-of-bounds read in find_soa() due to missing extrabytes validation

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in unbound

Unbound versions up to and including 1.24.1 are vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers into updating their delegation information for the zone. Typically, these RRSets are use...

7.1CVSS6.9AI score0.00311EPSS
Exploits0References2
Rows per page
Query Builder