Lucene search
K

425 matches found

Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52210

Name of the Vulnerable Software and Affected Versions NSD version 4.13.0 Description A heap use-after-free bug exists when logging errors on TLS connections. This issue can be triggered by sending a DNS query over a DNS over TLS DoT connection and closing the connection before reading the respons...

8.8CVSS5.8AI score0.00303EPSS
Exploits0References12
OSV
OSV
added 2026/06/23 9:22 p.m.8 views

GHSA-HGJ6-7826-R7M5 jackson-databind: InetSocketAddress deserialization triggers eager DNS resolution (SSRF)

Summary JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution for hostname inputs at deserialization time. An application that binds untrusted JSON into a type containing an InetSocketAddress field issues an...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 9:17 p.m.3 views

UBUNTU-CVE-2026-54514

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Keys: Fixed the issue of linking a duplicate key to a keyring’s assocarray. When making a DNS query within the kernel using dnsquery, the request code can, in rare cases, create a duplicate index key in the assocarray of the...

6AI score0.00173EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/24 12:46 a.m.95 views

Exploit for Heap-based Buffer Overflow in Microsoft

the bug is at DnsQueryRaw function to be specific, inside DnsRa...

9.8CVSS6AI score0.01932EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2026/03/19 11:20 p.m.5 views

CVE-2026-30872

A flaw was found in OpenWrt's mdns daemon. A remote attacker can exploit a stack-based buffer overflow vulnerability by sending a specially crafted DNS query. This occurs when processing IPv6 reverse DNS queries, where the system fails to validate the length of incoming data. Successful...

9.8CVSS6.6AI score0.02221EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.11 views

SUSE SLES16 Security Update : glibc (SUSE-SU-2026:20198-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20198-1 advisory. Security fixes: - CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. - CVE-2026-0861: Fixed inadequate size...

8.4CVSS5.8AI score0.00564EPSS
Exploits1References14
OSV
OSV
added 2026/02/03 6:8 p.m.3 views

SUSE-SU-2026:0371-1 Security update for glibc

This update for glibc fixes the following issues: Security fixes: - CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256766. - CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in nssdnsgetnetbyaddrr bsc1256822...

8.4CVSS5.6AI score0.00564EPSS
Exploits1References8
OSV
OSV
added 2026/01/29 5:44 p.m.6 views

OPENSUSE-SU-2026:20133-1 Security update for glibc

This update for glibc fixes the following issues: Security fixes: - CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. - CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256766. - CVE-2026-0915: Fixed uninitialized stack...

8.4CVSS6AI score0.00564EPSS
Exploits1References9
OSV
OSV
added 2026/01/29 4:36 p.m.4 views

SUSE-SU-2026:20178-1 Security update for glibc

This update for glibc fixes the following issues: Security fixes: - CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. - CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256766. - CVE-2026-0915: Fixed uninitialized stack...

8.4CVSS7.3AI score0.00564EPSS
Exploits1References10
OSV
OSV
added 2026/01/29 4:36 p.m.3 views

SUSE-SU-2026:20198-1 Security update for glibc

This update for glibc fixes the following issues: Security fixes: - CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. - CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256766. - CVE-2026-0915: Fixed uninitialized stack...

8.4CVSS6.9AI score0.00564EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : nodejs:16 (AXSA:2023-6226:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6226:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

7.5CVSS8.3AI score0.01577EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.9 views

CVE-2021-33259

Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history...

5.3CVSS7.1AI score0.02193EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:24 a.m.6 views

CVE-2021-31228

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...

7.5CVSS6.7AI score0.0127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/31 1:53 p.m.11 views

CVE-2023-54170

In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate key to a keyring's assocarray When making a DNS query inside the kernel using dnsquery, the request code can in rare cases end up creating a duplicate index key in the assocarray of the destination...

5.5CVSS5.8AI score0.00173EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2023-54170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - keys: Fix linking a duplicate key to a keyring's assocarray When making a DNS query inside the kernel using dnsquery, the request code can in rare cases end up...

6.2AI score0.00173EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/30 3:30 p.m.5 views

EUVD-2023-60471

In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate key to a keyring's assocarray When making a DNS query inside the kernel using dnsquery, the request code can in rare cases end up creating a duplicate index key in the assocarray of the destination...

5.8AI score0.00173EPSS
Exploits0References7
OSV
OSV
added 2025/12/30 12:8 p.m.7 views

CVE-2023-54170 keys: Fix linking a duplicate key to a keyring's assoc_array

In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate key to a keyring's assocarray When making a DNS query inside the kernel using dnsquery, the request code can in rare cases end up creating a duplicate index key in the assocarray of the destination...

6.2AI score0.00173EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/11/05 2:13 a.m.7 views

CVE-2025-43376

A logic issue was addressed with improved state management. This issue is fixed in Safari 26, iOS 18.7.7 and iPadOS 18.7.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on...

7.5CVSS5.9AI score0.00747EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-4239

Malware in sbrugna...

7.5CVSS6.1AI score0.08437EPSS
Exploits0References12
Rows per page
Query Builder