18 matches found
CVE-2026-22866
Ethereum Name Service ENS is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check...
EUVD-2011-5014
Malware in sbrugna...
EUVD-2020-20229
Malware in sbrugna...
CVE-2011-5114
Multiple cross-site scripting XSS vulnerabilities in the Authoritative DNS - DNS Zones page in Barracuda Link Balancer 330 Firmware 1.3.2.005 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 zoneid or 2 scope parameter...
[SECURITY] Fedora 40 Update: python-dns-2.6.1-1.fc40
dnspython is a DNS toolkit for Python. It supports almost all record types. It can be used for queries, zone transfers, and dynamic updates. It supports TSIG authenticated messages and EDNS0. dnspython provides both high and low level access to DNS. The high level classes perform queries for data...
CVE-2020-27725
In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this...
Design/Logic Flaw
In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this...
F5 Networks BIG-IP : zxfrd vulnerability (K25595031)
zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this vulnerability.CVE-2020-27725 Impact The memory leak by the zxfrd processeventually causesthe system to experiencean out-of-memory condition. As a...
Code injection
On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to any value other than the...
Active Directory Reconnaissance: ADRecon
ADRecon is a tool which extracts various artifacts as highlighted below out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD...
DNSControl - Synchronize your DNS to multiple providers from a simple DSL
DNSControl is a system for maintaining DNS zones. It has two parts: a domain specific language DSL for describing DNS zones plus software that processes the DSL and pushes the resulting zones to DNS providers such as Route53, CloudFlare, and Gandi. It can talk to Microsoft ActiveDirectory and it...
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
Description The Samba routine ndrpulldnspname contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndrpulldnspname parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory...
Moderate: Red Hat Security Advisory: ipa security, bug fix, and enhancement update
Updated ipa packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
CVE-2011-5114
Multiple cross-site scripting XSS vulnerabilities in the Authoritative DNS - DNS Zones page in Barracuda Link Balancer 330 Firmware 1.3.2.005 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 zoneid or 2 scope parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Authoritative DNS - DNS Zones page in Barracuda Link Balancer 330 Firmware 1.3.2.005 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 zoneid or 2 scope parameter...
CVE-2011-5114
The CVE-2011-5114 entry describes multiple cross-site scripting (XSS) vulnerabilities in the Barracuda Link Balancer 330, firmware 1.3.2.005 and earlier, specifically on the Authoritative DNS – DNS Zones page. The flaw allows remote attackers to inject arbitrary web script or HTML via the zoneid ...
CVE-2011-5114
Multiple cross-site scripting XSS vulnerabilities in the Authoritative DNS - DNS Zones page in Barracuda Link Balancer 330 Firmware 1.3.2.005 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 zoneid or 2 scope parameter...
Barracuda Link Balancer 330 - Input Validation Vulnerability
Document Title: =============== Barracuda Link Balancer 330 - Input Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=33 Barracuda - Link Balancer 330 Appliance - Firmware v1.3.2.005 & older versions Release Date: =============...