Lucene search
K

43 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.3 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : glibc (SUSE-SU-2026:1369-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1369-1 advisory. - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. -...

7.5CVSS5.9AI score0.00292EPSS
Exploits2References7
RedhatCVE
RedhatCVE
added 2026/03/23 7:3 a.m.4 views

CVE-2026-4437

A flaw was found in glibc the GNU C Library. When an application uses the gethostbyaddr or gethostbyaddrr functions with a nsswitch.conf configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS Domain Name System response. This crafted response can caus...

7.5CVSS5.6AI score0.00292EPSS
Exploits1References4
OSV
OSV
added 2026/02/04 9:18 p.m.6 views

CVE-2026-25518 cert-manager-controller DoS via Specially Crafted DNS Response

cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller performs DNS...

5.9CVSS5.5AI score0.00349EPSS
Exploits0References9
OSV
OSV
added 2026/02/02 10:11 p.m.4 views

GHSA-GX3X-VQ4P-MHHV cert-manager-controller DoS via Specially Crafted DNS Response

Impact The cert-manager-controller performs DNS lookups during ACME DNS-01 processing for zone discovery and propagation self-checks. By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a...

5.9CVSS5.5AI score0.00349EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-26670

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.34 through 2.43 Description The GNU C Library contains a flaw where calling the gethostbyaddr or gethostbyaddr r functions with a specific nsswitch.conf configuration utilizing the library’s DNS backend may lead to a...

7.5CVSS5.7AI score0.00292EPSS
Exploits2References45
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-6268

Malware in sbrugna...

7.8CVSS6.2AI score0.01908EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.20 views

Rockwell Automation Stratix Cisco IOS and IOS XE Software DNS Forwarder Denial of Service (CVE-2016-6380)

A vulnerability in the DNS forwarder functionality of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present in the device's local DNS cache, or read part of the process memory. The vulnerability is due to a fla...

8.3CVSS7.3AI score0.03011EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 7:35 p.m.53 views

K47098834: glibc vulnerability CVE-2015-7547

Security Advisory Description Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS...

8.1CVSS8.5AI score0.89557EPSS
Exploits17Affected Software9
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.1 views

SUSE CVE-2017-14491

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...

6.5CVSS8.1AI score0.84925EPSS
Exploits6References15
Veracode
Veracode
added 2019/01/15 9:19 a.m.29 views

Remote Code Execution (RCE)

github.com/kubernetes/dns leverages the dnsmasq library which is vulnerable to a heap-based buffer overflow. An attacker could cause a denial of service or execute arbitrary code via crafted DNS response. This issue in dnsmasq has been assigned CVE-2017-14491...

9.8CVSS8.9AI score0.84925EPSS
Exploits6References47Affected Software1
NVD
NVD
added 2017/10/04 1:29 a.m.30 views

CVE-2017-14491

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...

9.8CVSS9AI score0.84925EPSS
Exploits6References40
OSV
OSV
added 2017/10/04 1:29 a.m.34 views

CVE-2017-14491

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...

9.8CVSS9.7AI score
Exploits0References40
Prion
Prion
added 2017/10/04 1:29 a.m.40 views

Heap overflow

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response...

7.5CVSS8.8AI score0.84925EPSS
Exploits6References40Affected Software21
Prion
Prion
added 2017/08/18 2:29 p.m.11 views

Buffer overflow

Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...

5CVSS7.3AI score0.01992EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2017/08/18 2:29 p.m.21 views

CVE-2017-9454

Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...

7.5CVSS7.2AI score0.01992EPSS
Exploits0References3
OSV
OSV
added 2017/08/18 2:29 p.m.10 views

CVE-2017-9454

Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...

7.5CVSS7AI score
Exploits0References2
Cvelist
Cvelist
added 2017/08/18 2:0 p.m.20 views

CVE-2017-9454

Buffer overflow in the aresparseareply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service out-of-bounds-read via a crafted DNS response...

7.4AI score0.01992EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/08/18 2:0 p.m.20 views

CVE-2017-9454

Removed by vendor...

7.5CVSS7.7AI score0.01992EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/05/25 10:50 a.m.25 views

CVE-2017-9217

systemd-resolved through 233 allows remote attackers to cause a denial of service daemon crash via a crafted DNS response with an empty question section...

7.5CVSS5.4AI score0.15422EPSS
Exploits0References1
NVD
NVD
added 2017/05/24 5:29 a.m.16 views

CVE-2017-9217

systemd-resolved through 233 allows remote attackers to cause a denial of service daemon crash via a crafted DNS response with an empty question section...

7.5CVSS7.2AI score0.15422EPSS
Exploits0References5
Rows per page
Query Builder