43 matches found
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : glibc (SUSE-SU-2026:1369-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1369-1 advisory. - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. -...
CVE-2026-4437
A flaw was found in glibc the GNU C Library. When an application uses the gethostbyaddr or gethostbyaddrr functions with a nsswitch.conf configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS Domain Name System response. This crafted response can caus...
CVE-2026-25518 cert-manager-controller DoS via Specially Crafted DNS Response
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller performs DNS...
GHSA-GX3X-VQ4P-MHHV cert-manager-controller DoS via Specially Crafted DNS Response
Impact The cert-manager-controller performs DNS lookups during ACME DNS-01 processing for zone discovery and propagation self-checks. By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a...
PT-2026-26670
Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.34 through 2.43 Description The GNU C Library contains a flaw where calling the gethostbyaddr or gethostbyaddr r functions with a specific nsswitch.conf configuration utilizing the library’s DNS backend may lead to a...
EUVD-2015-6268
Malware in sbrugna...
Rockwell Automation Stratix Cisco IOS and IOS XE Software DNS Forwarder Denial of Service (CVE-2016-6380)
A vulnerability in the DNS forwarder functionality of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present in the device's local DNS cache, or read part of the process memory. The vulnerability is due to a fla...
K47098834: glibc vulnerability CVE-2015-7547
Security Advisory Description Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS...
SUSE CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...
Remote Code Execution (RCE)
github.com/kubernetes/dns leverages the dnsmasq library which is vulnerable to a heap-based buffer overflow. An attacker could cause a denial of service or execute arbitrary code via crafted DNS response. This issue in dnsmasq has been assigned CVE-2017-14491...
CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...
CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...
Heap overflow
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...
Buffer overflow
Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...
CVE-2017-9454
Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...
CVE-2017-9454
Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...
CVE-2017-9454
Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...
CVE-2017-9454
Removed by vendor...
CVE-2017-9217
systemd-resolved through 233 allows remote attackers to cause a denial of service daemon crash via a crafted DNS response with an empty question section...
CVE-2017-9217
systemd-resolved through 233 allows remote attackers to cause a denial of service daemon crash via a crafted DNS response with an empty question section...