
730 matches found

AlpineLinux
added 2025/07/16 2:38 p.m. · 4 views

CVE-2025-5994

A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...

CVSS 8.7 · AI score 7 · EPSS 0.00188
Exploits: 0

OSV
added 2025/07/16 2:15 p.m. · 3 views

ALPINE-CVE-2025-40776

A named caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...

CVSS 8.6 · AI score 6.8 · EPSS 0.00197
Exploits: 0 · References: 1

AlpineLinux
added 2025/07/16 1:41 p.m. · 3 views

CVE-2025-40776

A named caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...

CVSS 8.6 · AI score 7.2 · EPSS 0.00197
Exploits: 0

Positive Technologies
added 2025/07/16 12:0 a.m. · 7 views

PT-2025-29825 · Isc · Bind

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.11.3-S1 through 9.16.50-S1; BIND 9 versions 9.18.11-S1 through 9.18.37-S1; BIND 9 versions 9.20.9-S1 through 9.20.10-S1. Description: A named caching resolver configured to send ECS (EDNS Client Subnet) options may be vulnerable ...

CVSS 8.6 · AI score 7.3 · EPSS 0.00197
Exploits: 0 · References: 20

CNNVD
added 2025/07/16 12:0 a.m. · 3 views

NLnet Unbound Security Vulnerability

NLnet Unbound is an open source DNS server from the Dutch NLnet team. A security vulnerability exists in NLnet Unbound that stems from a risk of cache poisoning when supporting EDNS Client Subnet, which could lead to a Rebirthday attack...

CVSS 8.7 · AI score 4.4 · EPSS 0.00188
Exploits: 0 · References: 3

Positive Technologies
added 2025/07/16 12:0 a.m. · 3 views

PT-2025-29837 · Nlnet +7 · Unbound +7

Name of the Vulnerable Software and Affected Versions: Unbound affected versions not specified. Description: A multi-vendor cache poisoning vulnerability, named 'Rebirthday Attack', has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is vulnerable when compiled wi...

CVSS 8.7 · AI score 5.7 · EPSS 0.01729
Exploits: 0 · References: 45

FreeBSD
added 2025/07/16 12:0 a.m. · 5 views

unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack

[email protected] reports: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information...

CVSS 8.7 · AI score 6.4 · EPSS 0.00188
Exploits: 0 · References: 1

CNVD
added 2025/06/23 12:0 a.m. · 2 views

Open5GS Buffer Overflow Vulnerability (CNVD-2025-18574)

Open5GS is an open source implementation in C of the 5G Core and EPC, the core network of LTE/NR networks. Open5GS suffers from a buffer overflow vulnerability that is caused by incorrect bounds checking in the ogspfcpsubnetadd function in the pfcp library. No detailed...

CVSS 7.8 · AI score 7.4 · EPSS 0.00188
Exploits: 1 · References: 1

BDU FSTEC
added 2025/06/23 12:0 a.m. · 5 views

The vulnerability of the formRoute() function in the TOTOLINK A3002R router’s software allows a hacker to execute arbitrary code.

The vulnerability of the formRoute function in the TOTOLINK A3002R router’s firmware lies in the reading of data beyond the buffer boundaries in memory during the processing of the subnet parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by...

CVSS 9 · AI score 8.4 · EPSS 0.00759
Exploits: 1 · References: 2 · Affected Software: 1

OSV
added 2025/06/22 6:15 p.m. · 3 views

CVE-2025-6487

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...

CVSS 8.7 · AI score 6.5 · EPSS 0.00759
Exploits: 1 · References: 5

CNNVD
added 2025/06/18 12:0 a.m. · 2 views

Open5GS Security Vulnerability

Open5GS is an open source implementation in C of the 5G Core and EPC, the core network of LTE/NR networks. Open5GS suffers from a buffer overflow vulnerability that is caused by incorrect bounds checking in the ogspfcpsubnetadd function in the pfcp library. No detailed...

CVSS 7.8 · AI score 7.3 · EPSS 0.00188
Exploits: 1 · References: 2

RedhatCVE
added 2025/05/23 1:6 a.m. · 7 views

CVE-2022-28896

A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1FW130B06 allows attackers to escalate privileges to root via a crafted payload...

CVSS 10 · AI score 7.5 · EPSS 0.03598
Exploits: 1 · References: 1

BDU FSTEC
added 2025/05/23 12:0 a.m. · 5 views

Vulnerability of the cgidhcpsCfgSet() function (Program:/bin/httpd) in Tenda W12 and i24 router firmware, allowing a hacker to execute arbitrary code

The vulnerability of the cgidhcpsCfgSet function (Program:/bin/httpd) in the Tenda W12 and i24 router firmware is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code when processing parameters such as startIp, endI...

CVSS 9 · AI score 8.4 · EPSS 0.00772
Exploits: 1 · References: 6

RedhatCVE
added 2025/05/22 11:17 a.m. · 6 views

CVE-2013-2788

The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors...

CVSS 4.3 · AI score 7 · EPSS 0.01164
Exploits: 0 · References: 1

RedHat Linux
added 2025/05/19 9:46 a.m. · 6 views

kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()

In the Linux kernel, the following vulnerability has been resolved: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic(). When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix length is 64, this...

CVSS 7.1 · AI score 6.8 · EPSS 0.00188
Exploits: 0 · References: 5

CNNVD
added 2025/05/16 12:0 a.m. · 1 views

Bohua NetDragon Firewall Injection Vulnerability

Bohua NetDragon Firewall is a firewall from Bohua. An injection vulnerability exists in Bohua NetDragon Firewall version 1.0, which stems from improper handling of the parameter subnet in the file /systemstatus/ipstatus.php, which could lead to command injection...

CVSS 6.5 · AI score 6.8 · EPSS 0.01172
Exploits: 0 · References: 5

OSV
added 2025/05/01 8:15 p.m. · 7 views

CVE-2025-46635

An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...

CVSS 7.1 · AI score 5.8 · EPSS 0.00807
Exploits: 2 · References: 2

Tenable Nessus
added 2025/04/15 12:0 a.m. · 9 views

RHEL 6 : openstack-neutron (RHSA-2014:0899)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0899 advisory. The openstack-neutron packages provide Openstack Networking (neutron), the virtual network service. OpenStack Networking (neutron) is a pluggabl...

CVSS 9 · AI score 5.6 · EPSS 0.02918
Exploits: 0 · References: 9

RedhatCVE
added 2025/04/13 3:36 p.m. · 25 views

CVE-2025-31354

Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters...

CVSS 5.3 · AI score 6.8 · EPSS 0.00112
Exploits: 0 · References: 1

RedhatCVE
added 2025/04/13 3:36 p.m. · 19 views

CVE-2025-31935

Subnet Solutions PowerSYSTEM Center is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the API may trigger an exception, resulting in a denial-of-service condition...

CVSS 6.9 · AI score 6.8 · EPSS 0.00154
Exploits: 0 · References: 1