FreeBSD -- Insufficient response validation in the ldns stub resolver

Problem Description: When used as a stub resolver over UDP, ldns failed to verify that a received response belonged to the outstanding query. It did not check that the response source address and port matched the query destination, that the transaction ID matched, or that the question section of...

PT-2026-44993

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifying agent user replies based on In-Reply-To / References headers. The notification reply path...

CVE-2026-42960 Possible cache poisoning via promiscuous records for the authority section

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

EUVD-2026-31083

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

Electron: Service worker can spoof executeJavaScript IPC replies

Impact A service worker running in a session could spoof reply messages on the internal IPC channel used by webContents.executeJavaScript and related methods, causing the main-process promise to resolve with attacker-controlled data. Apps are only affected if they have service workers registered...

EUVD-2026-18955

Electron: Service worker can spoof executeJavaScript IPC replies...

SUSE CVE-2025-11411

NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are...

UBUNTU-CVE-2025-11411

NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are...

Linux Distros Unpatched Vulnerability : CVE-2014-4883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS...

ALPINE-CVE-2024-52615

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...

bind: memory leaks in EdDSA DNSSEC verification code

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

Siemens Nucleus ReadyStart 安全漏洞

Siemens Nucleus ReadyStart is a bundled solution from Siemens, Germany. It is used to accelerate the fast startup of complete systems and provides a rich set of board support packages Bsp. A security vulnerability exists in Siemens Nucleus ReadyStart, which originates from an ICMP echo packet wit...

HCC Embedded InterNiche 安全特征问题漏洞

HCC Embedded InterNiche is a newsletter software. An unspecified vulnerability exists in HCC Embedded InterNiche, which can be exploited to allow an attacker to be able to predict the source port of a DNS query, and then send spoofed DNS response packets that may be accepted as valid answers...

DNS BailiWicked Host Attack

This exploit attacks a fairly ubiquitous flaw in DNS implementations which Dan Kaminsky found and disclosed Jul 2008. This exploit caches a single malicious host entry into the target nameserver by sending random hostname queries to the target DNS server coupled with spoofed replies to those...

DNS BailiWicked Domain Attack

This exploit attacks a fairly ubiquitous flaw in DNS implementations which Dan Kaminsky found and disclosed Jul 2008. This exploit replaces the target domains nameserver entries in a vulnerable DNS cache server. This attack works by sending random hostname queries to the target DNS server coupled...

DNS vulnerabilities to attack the Ruby code-vulnerability warning-the black bar safety net

1 require 'msf/core' 2 require 'net/dns' 3 require 'scruby' 4 require 'resolv' 5 6 module Msf 7 8 class Auxiliary::Spoof::Dns::BaliWickedHost Msf::Auxiliary 9 1 0 The include Exploit::Remote::Ip 1 1 1 2 def initializeinfo = 1 3 superupdateinfoinfo, 1 4 'Name' = 'DNS BaliWicked Attack', 1 5...

[Full-disclosure] Predictable DNS transaction IDs in Microsoft DNS Server

1 Summary Affected software: Microsoft Windows 2003 SP2, Microsoft Windows 2000 SP4 Server Vendor URL: www.microsoft.com Severity: Medium References: Microsoft Security Bulletin MS07-062, CVE-2007-3898 2 Vulnerability Description Microsoft DNS server generates predictable DNS transaction IDs. If...