31 matches found
CVE-2025-34317
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME parameter when adding a new DNS entry. When a user adds a DNS entry, the application issues an HT...
EUVD-2018-0210
Malware in sbrugna...
CVE-2019-5167
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/editdnsserver %s dns-server-nr=%d dns-server-name= using...
[ASA-202108-13] c-ares: insufficient validation
Arch Linux Security Advisory ASA-202108-13. Severity: Medium; Date: 2021-08-10; CVE-ID: CVE-2021-3672; Package: c-ares; Type: insufficient validation; Remote: Yes; Link: https://security.archlinux.org/AVG-2268. Summary: The package c-ares before...
Denial Of Service (DoS)
Samba is vulnerable to denial of service. The ldb_qsort and dns_name_compare routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords or DnssrvEnumRecords2, resulting in a denial of service condition due to following invalid memory as a...
Server-side request forgery in CarrierWave
Impact CarrierWave download feature or 1.3.2. Workarounds Using proper network segmentation and applying the principle of least privilege to outbound connections from application servers can reduce the severity of SSRF vulnerabilities. Ideally the vulnerable gem should run on an isolated server...
Command injection
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/editdnsserver %s dns-server-nr=%d dns-server-name= using...
GHSA-2XVJ-J3QH-X8C3 private_address_check contains race condition
The private_address_check Ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can trigger this case where the initial resolution is a public address but the subsequent resolution i...
Race condition
The private_address_check Ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can trigger this case where the initial resolution is a public address but the subsequent resolution is a...
CVE-2018-3759
The private_address_check Ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can trigger this case where the initial resolution is a public address but the subsequent resolution is a...
private_address_check Ruby Gem Time-of-check Time-of-use race condition
The private_address_check Ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can trigger this case where the initial resolution is a public address but the subsequent resolution is a...
Razer US: 2 Subdomain takeovers
Two domains no longer in use under .razerzone.com were left pointing to Cloudfront servers that were no longer active. The DNS entries were cleared. We appreciate the report and look forward to working with the researcher in the future...
GSA Bounty: Subdomain take-over of {REDACTED}.18f.gov
@jackds discovered a number of related subdomain takeover attacks against some subdomains of 18f.gov. Technically, these domains are out of scope for our Vulnerability Disclosure Policy. We want to remind hackers to please limit their testing to domains explicitly listed in that scope which is...
SUSE-SU-2016:3257-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues: - CVE-2015-8899: Denial of service between local and remote DNS entries (bsc#983273)...
Bime: Subdomain takeover due to unclaimed Amazon S3 bucket on a2.bime.io
I noticed BIME is primarily built on Amazon AWS, which spawned my interest. I started looking for DNS entries that were still pointing to S3 buckets that however no longer exist. It appears this was the case for a2.bime.io, which points to an Amazon S3 website bucket in the US East region. Steps ...
New Relic: SUBDOMAIN TAKEOVER(FIXED)
Hello, I already reported this issue through support ticket 180436, which is fixed now! Your subdomain go.newrelic.com is pointing to unbouncepages.com. You should immediately remove the DNS entry for go.newrelic.com that is pointing to unbouncepages.com. Anyone can claim that domain. Please read t...