DNS Monitoring System with HTTP Dashboard

This Python script implements a small Security Operations Center Mini SOC that focuses on DNS traffic monitoring...

EUVD-2024-22888

Malicious code in bioql PyPI...

EUVD-2025-0150

Malicious code in bioql PyPI...

Denial Of Service (DoS)

github.com/apache/trafficcontrol is vulnerable to Denial of Service DoS. The vulnerability is due to TCP connections on the DNS port remaining in the ESTABLISHED state indefinitely, which allows an attacker to exhaust the thread pool handling DNS requests and prevent the service from processing...

Google Chrome OS Information Disclosure Vulnerability (CNVD-2025-09152)

Google Chrome OS is a lightweight, open source, web-based operating system from Google. Google Chrome OS suffers from an information disclosure vulnerability that stems from a failure to properly tunnel DNS traffic during VPN state transitions, for which no detailed vulnerability details are...

BIT-HUBBLE-RELAY-2025-23028 DoS in Cilium agent DNS proxy from crafted DNS responses

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an...

BIT-CILIUM-OPERATOR-2025-23028 DoS in Cilium agent DNS proxy from crafted DNS responses

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an...

BIT-CILIUM-2025-23028 DoS in Cilium agent DNS proxy from crafted DNS responses

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an...

Amazon Linux 2 : unbound (ALAS-2024-2650)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2650 advisory. NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that i...

CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

Unbound -- Denial of service attack

NLnet labs report: A vulnerability has been discovered in Unbound when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to...

CVE-2024-39529

A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If DNS Domain Generation Algorithm DGA detection or tunnel detection, and...

CVE-2024-39529 Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash

A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If DNS Domain Generation Algorithm DGA detection or tunnel detection, and...

CVE-2024-39529

CVE-2024-39529 describes a Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Junos OS on SRX Series, allowing an unauthenticated, network-based attacker to cause a DoS. Affected Junos OS versions include: prior to 21.4R3-S6; 22.2 before 22.2R3-S3; 2...

CVE-2024-39529 Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash

A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If DNS Domain Generation Algorithm DGA detection or tunnel detection, and...

PT-2024-5533 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S6 Junos OS 22.2 versions prior to 22.2R3-S3 Junos OS 22.3 versions prior to 22.3R3-S3 Junos OS 22.4 versions prior to 22.4R3 Junos OS 23.2 versions prior to 23.2R2 Description: A Use of Externally-Controlled...

F5 Networks BIG-IP : TMM vulnerability (K000139037)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000139037 advisory. - When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel T...

CVE-2024-25560 TMM Vulnerability

When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2024-25560

CVE-2024-25560 affects F5 BIG-IP AFM/TMM: when a DNS profile is applied to a virtual server, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate, leading to DoS. The advisory K000139037 lists affected branches and fixes: BIG-IP (all modules) 17.x (17.1.0 vulner...