147 matches found
dnsmasq: RRSIG rdlen underflow leading to heap OOB read
A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixe...
EUVD-2026-39184
NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...
ALPINE-CVE-2026-12246
NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...
CVE-2026-12246 Out of bounds stack write with crafted APL RR
NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...
CVE-2026-12246
NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...
CVE-2026-12246
NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...
CVE-2026-12244
NSD (the DNS server) is affected when configured as a secondary for a zone. A primary can crash NSD by sending an AXFR containing a DNS message with a specially crafted SVCB RR whose rdata size is 65512, which causes an (uint16_t) length to overflow while allocating space for the RR wrap (total s...
UBUNTU-CVE-2026-12244
If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...
CVE-2026-45557
Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...
MiracleLinux 4 : bind-9.8.2-0.10.3.0.1rc1.AXS4 (AXSA:2012-919:04)
"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-919:04 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names ...
EUVD-2008-0074
Malware in sbrugna...
EUVD-2017-7327
Malware in sbrugna...
EUVD-2009-1087
Malware in sbrugna...
EUVD-2025-10022
Malicious code in bioql PyPI...
EUVD-2024-22918
Malicious code in bioql PyPI...
EUVD-2024-17692
Malicious code in bioql PyPI...
CVE-2002-2212
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record RR combined with spoofed response...
DEBIAN-CVE-2025-30195
An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would like to thank Volodym...
UBUNTU-CVE-2025-30195
An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would like to thank Volodym...
CVE-2025-30195 A crafted zone can lead to an illegal memory access in the PowerDNS Recursor
An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would like to thank Volodym...