719 matches found
SUSE CVE-2025-54588
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
BIT-ENVOY-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
PT-2025-35643
Name of the Vulnerable Software and Affected Versions: Envoy versions 1.34.0 through 1.34.4 Envoy version 1.35.0 Description: Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Affected versions contain a use-after-free UAF vulnerabili...
Linux Distros Unpatched Vulnerability : CVE-2018-10920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. CVE-2018-10920 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2020-25685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:replyquery, which is the forwarded que...
TencentOS Server 3: dnsmasq (TSSA-2022:0246)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0246 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2023-26438
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use TOCTOU weakness, involving the JDK DNS cache. Attackers that were timing DNS cache expiry correctly were able to inject configuration that would bypass existing network deny-lists. Attackers could...
CVE-2023-41045
Graylog is a free and open log management platform. Graylog makes use of only one single source port for DNS queries. Graylog binds a single socket for outgoing DNS queries and while that socket is bound to a random port number it is never changed again. This goes against recommended practice sin...
CVE-2023-30464
CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack...
CVE-2023-28457
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache poisoning attack and inject fake responses within 1 second, which is impactful...
CVE-2022-34294
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...
CVE-2022-30295
uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2...
CVE-2021-25677
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions = V0.5.0.0 V1.0.0.0, TALON TC Compact BACnet All versions V3.5.5, TALON TC Modular BACnet All versions V3.5.5. The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the D...
CVE-2013-5703
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js...
CVE-2008-3436
The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...
CVE-2002-2213
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record RR combined with spoofed...