CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from an issue with DNSSEC verification. This vulnerability allows remote attackers to cause denial-of-service attacks through specially crafted DNS packets...

Linux Distros Unpatched Vulnerability : CVE-2026-4893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet...

EUVD-2014-2151

Malware in sbrugna...

EUVD-2018-11217

Malware in sbrugna...

PT-2025-33315 · Cisco · Cisco Secure Firewall Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software affected versions not specified Description: A vulnerability in the function that performs IPv4 and IPv6 Network Address...

The vulnerability of the Application Layer DNS Gateway Function (ALG) of Cisco IOS XE, which allows a hacker to trigger a device reboot or cause a service failure.

The vulnerability of the Application Layer DNS Gateway Function ALG of Cisco IOS XE lies in insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause service failure through a specially crafted DNS packet...

CVE-2021-1446 Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the DNS application layer gateway ALG functionality used by Network Address Translation NAT in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected...

CVE-2020-24335

An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets...

CVE-2017-14491

A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code...

CVE-2017-14495

A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the...

NewStart CGSL MAIN 4.05 : dnsmasq Vulnerability (NS-SA-2019-0112)

The remote NewStart CGSL host, running version MAIN 4.05, has dnsmasq packages installed that are affected by a vulnerability: - A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it...

Code injection

TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service Tlb Load Exception via crafted DNS packets to port 53/udp...

CVE-2018-19528

TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service Tlb Load Exception via crafted DNS packets to port 53/udp...

EulerOS 2.0 SP2 : dnsmasq (EulerOS-SA-2018-1285)

According to the versions of the dnsmasq packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory...

CVE-2017-12087

An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...

CVE-2017-13704

An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the DNS code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash...

Debian DSA-3904-1 : bind9 - security update

Clement Berthaux from Synaktiv discovered two vulnerabilities in BIND, a DNS server implementation. They allow an attacker to bypass TSIG authentication by sending crafted DNS packets to a server. - CVE-2017-3142 An attacker who is able to send and receive messages to an authoritative DNS server...

Debian Security Advisory DSA 3904-1 (bind9 - security update)

Clément Berthaux from Synaktiv discovered two vulnerabilities in BIND, a DNS server implementation. They allow an attacker to bypass TSIG authentication by sending crafted DNS packets to a server. CVE-2017-3142 An attacker who is able to send and receive messages to an authoritative DNS server an...