Lucene search

6 matches found

OSV
added 2026/05/29 4:50 p.m., 11 views

GHSA-86M8-88FQ-XFXP Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes

Summary: IsPublicIP in pkg/gotenberg/outbound.go incorrectly classifies IPv6 6to4 / NAT64 / deprecated site-local addresses as public IPs, allowing an unauthenticated attacker to reach internal destinations (e.g., cloud metadata services at 169.254.169.254) via a single crafted DNS AAAA record. This...

7.5 CVSS, 5.9 AI score, 0.00051 EPSS
Exploits 0, References 2
Citrix
added 2023/05/10 12:0 a.m., 9 views

DNS Resolution fails due to Negative Caching

Steps to reproduce this issue: 1. Administrator added an authoritative name server A on Netscaler to resolve StoreFront LB's VIP. 2. Because name server A didn't have an address record for the StoreFront LB FQDN, DNS resolution failed. 3. Then administrator changed to another authoritative name...

6.9 AI score
Exploits 0
RedHat Linux
added 2022/04/12 3:9 p.m., 5 views

golang: net: lookup functions may return invalid host names

A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integri...

7.5 CVSS, 7.2 AI score, 0.03231 EPSS
Exploits 1, References 5
BDU FSTEC
added 2019/10/16 12:0 a.m., 4 views

The vulnerability of the syntax analysis function of the PowerDNS server allows an attacker to cause a service failure.

The vulnerability of the DNS server’s syntax analysis function in PowerDNS is related to the lack of an authentication mechanism. Exploiting this vulnerability could allow a malicious actor to cause a service failure when searching for NS/A/AAAA records on the server...

7.8 CVSS, 5.5 AI score, 0.01691 EPSS
Exploits 0, References 7, Affected Software 3
OSV
added 2016/06/30 5:59 p.m., 1 views

DEBIAN-CVE-2015-8899

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally...

7.5 CVSS, 7.3 AI score, 0.02415 EPSS
Exploits 0, References 1
OSV
added 2012/02/17 10:55 p.m., 2 views

UBUNTU-CVE-2012-1191

The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names"...

6.4 CVSS, 5.8 AI score, 0.01899 EPSS
Exploits 2, References 2