Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

24723 matches found

OSV
OSVadded 2026/04/22 2:16 p.m.0 views

UBUNTU-CVE-2026-33602

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

8.2CVSS5.8AI score0.00004EPSS
Exploits0References3
OSV
OSVadded 2026/04/22 2:16 p.m.0 views

UBUNTU-CVE-2026-33596

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend...

6.5CVSS5.8AI score0.00003EPSS
Exploits0References3
OSV
OSVadded 2026/04/22 2:16 p.m.1 views

UBUNTU-CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

6.5CVSS5.8AI score0.00003EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2026/04/22 1:48 p.m.2 views

CVE-2026-33593

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS5.7AI score0.00009EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/04/22 1:48 p.m.1 views

CVE-2026-33593 Denial of service via crafted DNSCrypt query

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS5.8AI score0.00009EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/22 1:48 p.m.28 views

CVE-2026-33593 Denial of service via crafted DNSCrypt query

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS0.00009EPSS
Exploits0References1
CVE
CVEadded 2026/04/22 1:48 p.m.6 views

CVE-2026-33593

The provided documents describe CVE-2026-33593 as a denial-of-service caused by a client sending a crafted DNSCrypt query that triggers a divide-by-zero error and crashes the affected process. The impact is a crash (availability impact HIGH per CVSS), but the connected sources do not specify the ...

7.5CVSS5.8AI score0.00009EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/04/22 1:48 p.m.4 views

CVE-2026-33594

CVE-2026-33594 describes a memory exhaustion issue where a client floods a DoH backend with queries, causing excess memory allocation as queries accumulate in a buffer that is only released at the end of the connection. The connected sources confirm the root cause (buffer growth tied to overloade...

7.5CVSS6AI score0.00005EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/22 1:48 p.m.4 views

CVE-2026-33594 Outgoing DoH excessive memory allocation

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...

5.3CVSS6AI score0.00005EPSS
Exploits0References1
AlpineLinux
AlpineLinuxadded 2026/04/22 1:48 p.m.1 views

CVE-2026-33594

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...

7.5CVSS6AI score0.00005EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2026/04/22 1:47 p.m.0 views

CVE-2026-33596

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend...

6.5CVSS5.7AI score0.00003EPSS
Exploits0
CVE
CVEadded 2026/04/22 1:47 p.m.7 views

CVE-2026-33596

CVE-2026-33596 describes a vulnerability in PowerDNS DNSdist where a client could, in theory, cause a mismatch between queries sent to a backend and the responses by flooding with perfectly timed queries that are routed to a TCP-only or DNS over TLS backend. The issue is limited to the transport-...

6.5CVSS5.7AI score0.00003EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/22 1:47 p.m.2 views

CVE-2026-33596 TCP backend stream ID overflow

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend...

3.1CVSS5.7AI score0.00003EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/22 1:47 p.m.24 views

CVE-2026-33596 TCP backend stream ID overflow

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend...

3.1CVSS0.00003EPSS
Exploits0References1
CVE
CVEadded 2026/04/22 1:45 p.m.7 views

CVE-2026-33602

CVE-2026-33602 concerns PowerDNS DNSdist (and related Linux distros) where a rogue backend can send a crafted UDP response with a query ID off by one relative to the maximum configured value. This leads to an out-of-bounds write and a denial of service. The connected documents confirm the same ro...

8.2CVSS5.8AI score0.00004EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinuxadded 2026/04/22 1:45 p.m.0 views

CVE-2026-33602

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

8.2CVSS5.7AI score0.00004EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/04/22 1:45 p.m.2 views

CVE-2026-33602

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

8.2CVSS5.3AI score0.00004EPSS
Exploits0
Cvelist
Cvelistadded 2026/04/22 1:45 p.m.25 views

CVE-2026-33602 Off-by-one access when processing crafted UDP responses

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

6.5CVSS0.00004EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/22 10:22 a.m.3 views

CVE-2026-31433

A flaw was found in the ksmbd module of the Linux kernel. A remote attacker can exploit this vulnerability by sending a specially crafted compound request, specifically a combination of QUERYDIRECTORY and QUERYINFO. Due to a missing validation check for the client-provided output buffer length, a...

8.8CVSS5.9AI score0.00043EPSS
Exploits0References4
OSV
OSVadded 2026/04/22 10:16 a.m.1 views

DEBIAN-CVE-2026-33258

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC3 caches...

7.5CVSS5.3AI score0.00002EPSS
Exploits0References1
Rows per page
Query Builder