34 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.61 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.61 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
TencentOS Server 3: container-tools:rhel8 (TSSA-2024:0779)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0779 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2025-1329
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function...
CVE-2025-1330
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function...
CVE-2025-1330 IBM CICS TX code execution
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function...
CVE-2025-1330 IBM CICS TX code execution
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function...
CVE-2025-1329 IBM CICS TX code execution
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function...
PT-2025-20425 · Ibm · Ibm Cics Tx Standard +1
Name of the Vulnerable Software and Affected Versions: IBM CICS TX Standard versions 11.1 IBM CICS TX Advanced versions 10.1 through 11.1 Description: The issue is due to the failure to handle DNS return requests by the gethostbyaddr function, which could allow a local user to execute arbitrary...
openSUSE 15 Security Update : coredns (openSUSE-SU-2025:0131-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025:0131-1 advisory. - Update to version 1.12.1: core: Increase CNAME lookup limit from 7 to 10 7153 plugin/kubernetes: Fix handling of pods having DeletionTimestamp set...
Server Side Request Forgery (SSRF)
mobsf is vulnerable to Server Side Request Forgery SSRF Abuse. The vulnerability is due to socket.gethostbyname not properly handling DNS rebinding, allows attackers to exploit DNS resolutions and make requests to internal services...
Security update for coredns (moderate)
openSUSE Security Update: Security update for coredns Announcement ID: openSUSE-SU-2024:0319-1 Rating: moderate References: Cross-References: CVE-2022-27191 CVE-2022-28948 CVE-2023-28452 CVE-2023-30464 CVE-2024-0874 CVE-2024-22189 CVSS scores: CVE-2022-27191 SUSE: 7.5...
CVE-2024-5228 TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability
TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this...
OPENSUSE-SU-2023:0101-1 Security update for pdns-recursor
This update for pdns-recursor fixes the following issues: pdns-recursor was updated to 4.6.6: fixes deterred spoofing attempts can lead to authoritative servers being marked unavailable boo1209897, CVE-2023-26437 Fixes in 4.6.5: When an expired NSEC3 entry is seen, move it to the front of the...
CVE-2022-25726
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...
USN-5583-2 systemd regression
USN-5583-1 fixed vulnerabilities in systemd. Unfortunately this caused a regression by introducing networking problems for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that systemd incorrectly handled certain DNS...
Stack overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.662445553 wireless access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS response...
Stack overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.731645553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted D...
uclibc-ng 跨站脚本漏洞
uclibc-ng is an application. A small C library for Linux. A security vulnerability in uClibc and uClibc-ng prior to 1.0.39 stems from improper handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo, resulting in the...
Mozilla Rust Resource Management Error Vulnerability (CNVD-2021-30439)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in trust-dns-server crate in Mozilla Rust versions prior to 0.18.1, which stems from a DNS MX and SRV null target handling error that results in stack consumption...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results...