Lucene search
107 matches found

OSV
added 2026/05/05 9:17 p.m., 0 views

GHSA-3QPQ-R242-JQJ7 phpseclib has a CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()

Impact: Anyone loading untrusted ASN1 files, e.g. X509 certificates, RSA PKCS8 private or public keys, etc. Patches: https://github.com/phpseclib/phpseclib/commit/d53d2021bcb9f6a04d5d44ec99e6bbef219a71bc Workarounds: No. References...

CVSS 7.5, AI score 5.8, EPSS 0.0003
Exploits: 0, References: 4
CVE
added 2026/04/26 2:48 a.m., 6 views

CVE-2026-42255

Technitium DNS Server versions before 15.0 are vulnerable to DNS traffic amplification via cyclic name server delegation. The CVE-2026-42255 entry documents this issue (CVSS v3.1 base score 7.2, HIGH) with network-attack potential and no user interaction. Affected component is the DNS ser...

CVSS 7.2, AI score 5.2, EPSS 0.00048
Exploits: 0, References: 1, Affected Software: 1
EUVD
added 2026/04/26 2:48 a.m., 0 views

EUVD-2026-25688

Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation...

CVSS 7.2, AI score 5.2, EPSS 0.00048
Exploits: 0, References: 1
Positive Technologies
added 2026/04/07 12:0 a.m., 0 views

PT-2026-31016

Name of the Vulnerable Software and Affected Versions: OpenTelemetry-Go versions 1.36.0 through 1.40.0. Description: The OpenTelemetry-Go implementation is susceptible to a remote request amplification issue due to the way it handles multi-value baggage headers. Specifically, the extractMultiBaggage...

CVSS 7.5, AI score 6, EPSS 0.00077
Exploits: 1, References: 9
Tenable Nessus
added 2026/03/12 12:0 a.m., 1 views

Fedora 44 : libmaxminddb (2026-814fe58971)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-814fe58971 advisory. libmaxminddb 1.13.1 - Re-release for Ubuntu PPA, no code changes. libmaxminddb 1.13.0 - MMDB_get_entry_data_list now validates that the claimed array/map size is...

AI score 6.1
Exploits: 0, References: 1
Ubuntu
added 2026/01/08 12:59 p.m., 15 views

USN-7047-1: libvirt vulnerabilities

It was discovered that libvirt parsed user-provided XML files before performing ACL checks. An attacker could possibly use this issue to cause libvirt to consume memory, resulting in a denial of service. (CVE-2025-12748) It was discovered that libvirt incorrectly handled permissions on external...

CVSS 5.5, AI score 5.3, EPSS 0.00109
Exploits: 0
OSV
added 2025/12/20 5:42 p.m., 2 views

GHSA-83JG-M2PM-4JXJ Cowrie has a SSRF vulnerability in wget/curl emulation enabling DDoS amplification

Summary: A Server-Side Request Forgery (SSRF) vulnerability in Cowrie's emulated shell mode allows unauthenticated attackers to abuse the honeypot as an amplification vector for HTTP-based denial-of-service attacks against arbitrary third-party hosts. Details: When Cowrie operates in emulated shell...

CVSS 8.3, AI score 7.2, EPSS 0.00206
Exploits: 1, References: 9
OpenVAS
added 2025/11/25 12:0 a.m., 12 views

mDNS Service Amplification Attack (UDP) - Active Check

A publicly accessible service supporting the Multicast DNS (mDNS) protocol can be exploited to participate in a Distributed Denial of Service (DDoS) attack. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the...

AI score 6.9
Exploits: 0, References: 6
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-10664

Malware in sbrugna...

CVSS 5.9, AI score 5.9, EPSS 0.00433
Exploits: 1, References: 2
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2022-4175

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.5, EPSS 0.05235
Exploits: 0, References: 14
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-37389

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.6, EPSS 0.00097
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2022-46031

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.6, EPSS 0.00423
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2021-34091

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.6, EPSS 0.00389
Exploits: 0, References: 1
Tenable Nessus
added 2025/08/07 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-10995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found...

CVSS 7.5, AI score 7.2, EPSS 0.00126
Exploits: 0, References: 2
OSV
added 2025/06/10 5:17 p.m., 4 views

GO-2025-3743 CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification in github.com/coredns/coredns

CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification in github.com/coredns/coredns...

CVSS 7.5, AI score 7.1, EPSS 0.00151
Exploits: 0, References: 5
OSV
added 2025/01/27 6:15 p.m., 1 views

DEBIAN-CVE-2025-24356

fastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address and initiate a reconnect by sending a handshake packet. This "fast...

CVSS 7.5, AI score 5.4, EPSS 0.00413
Exploits: 0, References: 1
CVE
added 2025/01/27 5:31 p.m., 72 views

CVE-2025-24356

CVE-2025-24356 affects the fastd VPN daemon. When fastd receives a data packet from an unknown IP/port, it may assume a peer moved and trigger a fast-reconnect handshake (~150 bytes of UDP payload), creating an amplification factor of about 12–13 for UDP traffic. This can be exploited by spoo...

CVSS 7.5, AI score 6.8, EPSS 0.00413
Exploits: 0, References: 8, Affected Software: 1
OSV
added 2024/11/04 11:0 p.m., 3 views

CVE-2024-51500 Failure to check for packets from the broadcast address allows potential DDoS amplification attack in Meshtastic firmware

Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address 0xFFFFFFFF which could result in unexpected behavior and potential for DDoS attacks on the network. A malicious actor could cra...

CVSS 5.3, AI score 6.8, EPSS 0.0009
Exploits: 0, References: 3
OSV
added 2024/10/04 5:15 a.m., 3 views

AZL-53837 CVE-2024-47850 affecting package cups for versions less than 1.28.17-3

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

CVSS 7.5, AI score 5.9, EPSS 0.00151
Exploits: 13, References: 1
RedHat Linux
added 2024/10/02 6:21 p.m., 4 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

CVSS 7.5, AI score 5.8, EPSS 0.00151
Exploits: 13, References: 7