7 matches found
CVE-2026-28810 Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver
Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel inetres, inetdb modules allows DNS Cache Poisoning. The built-in DNS resolver inetres uses a sequential, process-global 16-bit transaction ID for UDP queries and does not implement source port randomization...
EEF-CVE-2026-28810 Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver
Summary Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel inet\res, inet\db modules allows DNS Cache Poisoning. The built-in DNS resolver inet\res uses a sequential, process-global 16-bit transaction ID for UDP queries and does not implement source port...
ALPINE-CVE-2026-32945
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945
CVE-2026-32945 affects PJSIP 2.16 and earlier; the DNS parser’s name-length handling in pjlib-util (get_name_len/get_name) allows a heap-based buffer overflow via a crafted DNS response, enabling remote DoS. The issue is fixed in PJSIP 2.17. Mitigations/workarounds: upgrade to 2.17, or avoid DNS ...
CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...