Astra Linux - уязвимость в samba

A flaw was discovered in Samba’s DNS server. A authenticated user could exploit this flaw to cause damage to the RPC server. This RPC server, which also supports protocols other than dnsserver, will be restarted after a short delay. However, it is easy for an authenticated, non-administrative...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.171-2.6.13.0.AXS4 (AXSA:2018-2753:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2753:01 advisory. A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox...

CVE-2025-40778

A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...

EUVD-2020-26379

Malware in sbrugna...

EUVD-2023-54109

Malicious code in bioql PyPI...

CVE-2020-5132

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of...

OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...

Cybersecurity Firm Hacks Itself, Finds DNS Flaw Leak AWS Credentials

By Waqas Self-Hack: Strengthen Your Security Before External Threats Strike! This is a post from HackRead.com Read the original post: Cybersecurity Firm Hacks Itself, Finds DNS Flaw Leak AWS Credentials...

CVE-2022-2835

A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc...

SUSE CVE-2010-0097

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records, which allows remote attackers to add the Authenticated Data AD flag to a forged NXDOMAIN response for an existing domain...

Contiki 缓冲区错误漏洞

Nut/OS is a modular, open-source real-time operating system for embedded platforms. A denial of service and remote code execution vulnerability exists in the DNS implementation in Ethernut in Nut/OS 5.1. The vulnerability stems from a failure to check if a domain name ends in '0'. An attacker cou...

DEBIAN-CVE-2020-14383

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again...

ALPINE-CVE-2020-14383

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again...

AZL-7349 CVE-2020-14383 affecting package samba 4.12.5-7

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again...

CVE-2020-14383

A flaw was found in Samba's DNS server. This flaw allows an authenticated user to crash the RPC server. The RPC server, which also serves protocols other than the DNS server, is restarted after a short delay, however, an authenticated non-administrative attacker can cause a crash as soon as it...

Code injection

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of...

CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug

The U.S. Cybersecurity and Infrastructure Security Agency CISA is ordering all federal executive branch offices to apply a patch for a wormable Windows Server bug within 24 hours, warning of a “high potential for compromise of agency information systems.” In an Emergency Directive, the Department...

Microsoft Tackles 123 Fixes for July Patch Tuesday

A critical DNS bug and a publicly known elevation-of-privilege flaw top Microsoft’s July Patch Tuesday list of 123 fixes. The DNS flaw is a remote code-execution bug and is touted as one of the most critical Windows vulnerabilities released this year, earning the highest-severity CVSS score of 10...

CVE-2017-14423

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...

CVE-2015-0671

The DNS implementation in Cisco Videoscape Distribution Suite for Internet Streaming VDS-IS 3.21 allows remote attackers to cause a denial of service CPU consumption and network-resource consumption via crafted packets, aka Bug ID CSCun15911...