Lucene search
+L

25 matches found

CVE
CVE
added yesterday29 views

CVE-2026-47180

CVE-2026-47180 affects the Zeroconf Python library. The vulnerability stems from DNSIncoming._decode_labels_at_offset recursing for each DNS-name compression pointer; a crafted mDNS packet with ~1500 chained pointers can cause unbounded recursion, escaping DNSIncoming.init and triggering sustaine...

6.5CVSS5.2AI score0.0002EPSS
Exploits0References4
OSV
OSV
added 5 days ago5 views

PYSEC-2026-3436 zeroconf has unbounded recursion in DNS compression-pointer decoder that allows LAN-local denial of service

Impact DNSIncoming.decodelabelsatoffset recurses once per DNS-name compression pointer RFC 1035 §4.1.4. Pointer cycles and label counts were capped, but the chain length of unique forward pointers was not. A single 3 kB mDNS packet carrying 1500 chained pointers drives the recursion past CPython'...

6.5CVSS6.1AI score0.0002EPSS
Exploits0References7
OSV
OSV
added 2026/07/10 11:16 a.m.3 views

UBUNTU-CVE-2026-14461

mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...

5.1CVSS6.1AI score0.00303EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/10 10:38 a.m.31 views

CVE-2026-14461 Out-of-bound read in mtr

mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...

5.1CVSS0.00303EPSS
Exploits0References2
CVE
CVE
added 2026/07/10 10:38 a.m.12 views

CVE-2026-14461

The CVE-2026-14461 entry affects mtr up to version 0.96, where ipinfo_lookup() performs DNS AS lookups and can be triggered by a TXT response larger than 512 bytes with a crafted compression pointer, causing an out-of-bounds read. The function uses the response length as the end-of-message bounda...

5.1CVSS6.1AI score0.00303EPSS
Exploits0References2
OSV
OSV
added 2026/07/10 10:38 a.m.3 views

CVE-2026-14461 Out-of-bound read in mtr

mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...

5.1CVSS6.1AI score0.00303EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 9:8 a.m.4 views

OPENSUSE-SU-2026:21175-1 Security update for python-zeroconf

This update for python-zeroconf fixes the following issues: Changes in python-zeroconf: - CVE-2026-47180: zeroconf has unbounded recursion in DNS compression-pointer decoder that allows LAN-local denial of service bsc1268341 - CVE-2026-47183: zeroconf: Unbounded exception-dedup state retains pack...

6.5CVSS5.8AI score0.00023EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18042

Malware in sbrugna...

9.8CVSS9.2AI score0.02356EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-9104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered. CVE-2017-9104 Note that Nessus relies on the...

9.8CVSS7.3AI score0.02356EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.5 views

SUSE CVE-2011-4315

Heap-based buffer overflow in compression-pointer processing in core/ngxresolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service daemon crash or possibly have unspecified other impact via a long response...

6.8CVSS7.9AI score0.0607EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.3 views

SUSE CVE-2017-9104

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered...

7.5CVSS7AI score0.02356EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2022/05/21 12:2 a.m.46 views

CVE-2017-9104

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered...

9.8CVSS1.7AI score0.02356EPSS
Exploits0References1
CVE
CVE
added 2021/08/18 6:39 p.m.94 views

CVE-2020-25767

CVE-2020-25767 affects HCC Embedded InterNiche/NicheStack (IPv4) prior to 4.3. The root cause is in the dnc_copy_in DNS domain name parser, which fails to validate that compression pointers stay within packet bounds, enabling an out-of-bounds read and potential DoS via crafted DNS data. Affected ...

7.5CVSS7.9AI score0.01453EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/06/18 3:15 p.m.7 views

CVE-2017-9104

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered...

9.8CVSS9.4AI score
Exploits0References6
NVD
NVD
added 2020/06/18 3:15 p.m.20 views

CVE-2017-9104

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered...

9.8CVSS0.02356EPSS
Exploits0References6
OSV
OSV
added 2020/06/18 3:15 p.m.4 views

DEBIAN-CVE-2017-9104

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered...

9.8CVSS7AI score0.02356EPSS
Exploits0References1
OSV
OSV
added 2020/06/18 3:15 p.m.4 views

UBUNTU-CVE-2017-9104

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered...

9.8CVSS7.3AI score0.02356EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/06/12 12:0 a.m.6 views

PT-2020-8502 · Adns +2 · Adns +2

Name of the Vulnerable Software and Affected Versions: adns versions prior to 1.5.2 Description: An issue was discovered in adns where it hangs and consumes CPU resources if a compression pointer loop is encountered. Recommendations: For versions prior to 1.5.2, update to version 1.5.2 or later t...

9.8CVSS8.2AI score0.03603EPSS
Exploits0References49
OSV
OSV
added 2020/03/24 9:15 p.m.28 views

CVE-2020-6071

An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service. An attacker can...

7.5CVSS6.5AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/03/24 9:15 p.m.29 views

CVE-2020-6071

An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service. An attacker can...

7.5CVSS7.1AI score0.02396EPSS
Exploits1References3
Rows per page
Query Builder