CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

139 matches found

AlpineLinux•added 2026/05/11 4:48 p.m.•6 views

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.00027EPSS

Exploits2

AlpineLinux•added 2026/05/11 4:47 p.m.•8 views

CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

7.5CVSS5.8AI score0.0024EPSS

Exploits0

CNNVD•added 2026/05/11 12:0 a.m.•2 views

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from an issue with DNSSEC verification. This vulnerability allows remote attackers to cause denial-of-service attacks through specially crafted DNS packets...

7.5CVSS5.8AI score0.0024EPSS

Exploits0References1

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-4893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet...

5.3CVSS5.8AI score0.00027EPSS

Exploits2References3

CVE•added 2026/03/31 11:57 a.m.•5 views

CVE-2026-24028

CVE-2026-24028 describes an out-of-bounds read when parsing DNS packets via Lua: if custom Lua code uses newDNSPacketOverlay to parse DNS packets, a crafted DNS response can trigger a crash (DoS) or unauthorized memory access (potential information disclosure). The available documents do not spec...

8.2CVSS5.9AI score0.00006EPSS

Exploits0References1Affected Software1

RedHat Linux•added 2025/12/22 4:49 p.m.•2 views

resolv: Denial of Service in resolv gem

A denial of service flaw was found in resolv ruby gem. This flaw allows an attacker to craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses this packet, the name decompression process consumes a large amount of CPU resources, as the library does...

7.5CVSS5.7AI score0.00268EPSS

Exploits0References5