26 matches found
CVE-2026-42960
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound into caching such records. If an adversary is able to attach such...
EUVD-2008-4177
Malware in sbrugna...
EUVD-2022-0095
Malicious code in bioql PyPI...
OESA-2023-1791 qt5-qtbase security update
Qt is a software toolkit for developing applications. Security Fixes: An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server. CVE-2023-33285...
AZL-26943 CVE-2023-33285 affecting package qt5-qtbase for versions less than 5.12.11-9
An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server...
SUSE CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process...
SUSE CVE-2022-22846
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
SUSE CVE-2022-23097
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read...
GHSA-R478-C2PC-M7GX dnslib has DNS reply verification issue
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
dnslib has DNS reply verification issue
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
CVE-2022-22846
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
PYSEC-2022-4
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially...
CVE-2019-18934
A shell command injection vulnerability was discovered in the way unbound handles DNS queries for systems with a public key used for IPsec. When ipsecmod is enabled, a malicious DNS server could send a DNS reply which would be used during a following DNS query to execute shell commands with the...
dnsmasq: heap overflow in the code responsible for building DNS replies
A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code...
Squid DNS Replies Invalid Free Code Execution (CVE-2011-4096)
A remote code execution vulnerability has been reported in the Squid proxy server. The vulnerability is due to an error while processing certain DNS replies. An attacker may exploit this issue by enticing affected users to open a link containing a host name, which will cause a malicious DNS reply...
CVE-2011-4096
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record...