19 matches found
CVE-2026-32946
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, the Harden-Runner that allows bypass of the egress-policy: block network restriction using DNS queries over TCP. Egress policies are enforced on GitHub runners by filtering...
CVE-2026-32946 Egress Policy Bypass via DNS over TCP in Harden-Runner (Community Tier)
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, the Harden-Runner that allows bypass of the egress-policy: block network restriction using DNS queries over TCP. Egress policies are enforced on GitHub runners by filtering...
CVE-2026-32946
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, the Harden-Runner that allows bypass of the egress-policy: block network restriction using DNS queries over TCP. Egress policies are enforced on GitHub runners by filtering...
Egress Policy Bypass via DNS over TCP in Harden-Runner (Community Tier)
Summary A vulnerability exists in the Community Tier of Harden-Runner that allows bypassing the egress-policy: block network restriction using DNS queries over TCP. Harden-Runner enforces egress policies on GitHub runners by filtering outbound connections at the network layer. When egress-policy:...
CVE-2025-61430
Improper handling of DNS over TCP in Simple DNS Plus v9 allows a remote attacker with querying access to the DNS server to cause the server to return request payloads from other clients. This happens when the TCP length prefix is malformed len differs from actual packet len, and due to a...
CVE-2025-61430
Improper handling of DNS over TCP in Simple DNS Plus v9 allows a remote attacker with querying access to the DNS server to cause the server to return request payloads from other clients. This happens when the TCP length prefix is malformed len differs from actual packet len, and due to a...
EUVD-2013-5319
Malware in sbrugna...
EUVD-2013-5320
Malware in sbrugna...
CVE-2013-5479
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service device reload via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730...
Bullfrog's DNS over TCP bypasses domain filtering
Summary Using tcp breaks blocking and allows DNS exfiltration. PoC name: test on: push: branches: - "" jobs: testBullFrog: runs-on: ubuntu-22.04 steps: - name: Use google dns run: | sudo resolvectl dns eth0 1.1.1.1 resolvectl status - name: Set up bullfrog to block everything uses:...
CVE-2025-47775
The CVE-2025-47775 refers to Bullfrog, a GitHub Action that blocks unauthorized outbound traffic in workflows. The issue: before version 0.8.4, Bullfrog’s TCP handling could bypass the intended block, enabling DNS data exfiltration and a sandbox bypass. Affected version range includes all release...
glibc: Stack read overflow in getaddrinfo in no-aaaa mode
A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...
AZL-34732 CVE-2023-4527 affecting package glibc for versions less than 2.38-11
A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...
K23278332: A DNS over TCP packet is not rate-limited accurately using the single-endpoint DoS device flood vector
Security Advisory Description This issue occurs when all of the following conditions are met: Setting the correct DNS packet type in the denial-of-service DoS device sweep or flood vector. Matching traffic sends DNS over TCP. Impact The mitigation for DNS over TCP packets is not working as expect...
DNSMonster - Passive DNS Capture/Monitoring Framework
Passive DNS collection and monitoring built with Golang, Clickhouse and Grafana: dnsmonster implements a packet sniffer for DNS traffic. It can accept traffic from a pcap file, a live interface or a dnstap socket, and can be used to index and store thousands of DNS queries per second it has shown...
CVE-2013-5480
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service device reload via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733...
Code injection
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service device reload via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733...
Design/Logic Flaw
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service device reload via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730...
CVE-2013-5479
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service device reload via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730...