Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

27 matches found

Positive Technologies
Positive Technologiesā€¢added 2026/05/05 12:0 a.m.ā€¢5 views

PT-2026-37304

Name of the Vulnerable Software and Affected Versions Link Preview JS versions prior to 4.0.1 Description The library fails to check for IPv6 loopback attacks and is susceptible to DNS attacks where an address can be resolved into an internal IP. These issues may lead to internal data leaks...

8.7CVSS5.8AI score0.00054EPSS
Exploits0References7
RedhatCVE
RedhatCVEā€¢added 2026/04/09 7:23 p.m.ā€¢2 views

CVE-2026-35519

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

8.8CVSS6.2AI score0.00262EPSS
Exploits0References1
NVD
NVDā€¢added 2026/04/07 4:16 p.m.ā€¢0 views

CVE-2026-35519

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

8.8CVSS0.00262EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBā€¢added 2026/04/07 3:18 p.m.ā€¢0 views

CVE-2026-35519

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

8.8CVSS6.2AI score0.00262EPSS
Exploits0References2Affected Software1
EUVD
EUVDā€¢added 2026/04/07 3:18 p.m.ā€¢0 views

EUVD-2026-19711

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

8.8CVSS6.2AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelistā€¢added 2026/04/07 3:18 p.m.ā€¢18 views

CVE-2026-35519 Pi-hole FTL affected by Remote Code Execution (RCE) via dns.hostRecord Newline Injection

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

8.8CVSS0.00262EPSS
Exploits0References1
Positive Technologies
Positive Technologiesā€¢added 2026/04/07 12:0 a.m.ā€¢2 views

PT-2026-30884

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

8.8CVSS6.2AI score0.00262EPSS
Exploits0References2
RedhatCVE
RedhatCVEā€¢added 2026/01/07 9:40 a.m.ā€¢6 views

CVE-1999-0101

Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names...

10CVSS7.2AI score0.03249EPSS
Exploits3References1
RedhatCVE
RedhatCVEā€¢added 2025/10/29 3:18 p.m.ā€¢3 views

CVE-2025-34309

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SERVICE, LOGIN, and PASSWORD parameters when creating or editing a Dynamic DNS host. When a new Dynamic DNS...

5.4CVSS6AI score0.00033EPSS
Exploits0References1
OSV
OSVā€¢added 2025/10/28 3:16 p.m.ā€¢1 views

CVE-2025-34309

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SERVICE, LOGIN, and PASSWORD parameters when creating or editing a Dynamic DNS host. When a new Dynamic DNS...

5.4CVSS5.9AI score
Exploits0References3
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢2 views

EUVD-1999-0101

Malware in sbrugna...

10CVSS6.4AI score0.03249EPSS
Exploits3References3
OSV
OSVā€¢added 2023/04/17 11:5 a.m.ā€¢1 views

OESA-2023-1233 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.CVE-2023-0225 The Samb...

5.9CVSS6.7AI score0.00413EPSS
Exploits0References3
OSV
OSVā€¢added 2023/04/03 11:15 p.m.ā€¢1 views

DEBIAN-CVE-2023-0225

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...

4.3CVSS6AI score0.00413EPSS
Exploits0References1
SUSE CVE
SUSE CVEā€¢added 2023/02/15 3:25 a.m.ā€¢1 views

SUSE CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

4.3CVSS6.9AI score0.01153EPSS
Exploits1References12
Veracode
Veracodeā€¢added 2022/11/03 6:48 a.m.ā€¢19 views

Privilege Escalation

samba is vulnerable to privilege escalation. The vulnerability exists because it does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which allows an unprivileged users to write it...

7.5CVSS6.1AI score0.01153EPSS
Exploits1References6Affected Software1
OSV
OSVā€¢added 2022/09/12 7:0 a.m.ā€¢4 views

SUSE-SU-2022:3244-1 Security update for samba

This update for samba fixes the following issues: - CVE-2022-1615: Fixed error handling in random number generation bso15103bsc1202976. - CVE-2022-32743: Implement validated dnsHostName write rights bso14833bsc1202803. Bugfixes: - Fixed use after free when iterating smbdserverconnection-connectio...

7.5CVSS5.8AI score0.01153EPSS
Exploits2References6
OSV
OSVā€¢added 2022/09/01 9:15 p.m.ā€¢1 views

DEBIAN-CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

7.5CVSS7.2AI score0.01153EPSS
Exploits1References1
NVD
NVDā€¢added 2022/09/01 9:15 p.m.ā€¢16 views

CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

7.5CVSS0.01153EPSS
Exploits1References4
OSV
OSVā€¢added 2022/09/01 9:15 p.m.ā€¢0 views

AZL-10865 CVE-2022-32743 affecting package samba 4.12.5-7

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

7.5CVSS7.1AI score0.01153EPSS
Exploits1References1
OSV
OSVā€¢added 2022/09/01 9:15 p.m.ā€¢1 views

ALPINE-CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

7.5CVSS6.9AI score0.01153EPSS
Exploits1References1
Rows per page
Query Builder