EUVD-2023-35775

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-24199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smartdns commit 54b4dc was discovered to contain a misaligned address at smartdns/src/dns.c. CVE-2024-24199 Note that Nessus relies on the presence of the packa...

CVE-2024-24199

smartdns commit 54b4dc was discovered to contain a misaligned address at smartdns/src/dns.c...

CVE-2024-24199

smartdns commit 54b4dc was discovered to contain a misaligned address at smartdns/src/dns.c...

smartdns security vulnerability

SmartDNS is a DNS server running locally by Nick Peng Personal Developer. A security vulnerability exists in smartdns, which stems from the inclusion of an unaligned address in smartdns/src/dns.c. The vulnerability is caused by the inclusion of an unaligned address in smartdns/src/dns.c...

Amazon Linux 2 : haproxy2 (ALASHAPROXY2-2023-002)

The version of haproxy2 installed on the remote host is prior to 2.2.17-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2HAPROXY2-2023-002 advisory. An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missi...

Stack overflow

SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the dnsencodedomain function in the dns.c file, via a crafted DNS request...

CVE-2018-20102

An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing...

CVE-2018-20103

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion...

EulerOS Virtualization for ARM 64 3.0.3.0 : haproxy (EulerOS-SA-2019-2329)

According to the versions of the haproxy package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missing...

Arbitrary Code Execution

php is vulnerable to arbitrary code execution. The vulnerability exists through multiple buffer overflow in the phpparserr function of ext/standard/dns.c...

Stack overflow

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion...

CVE-2018-20103

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion...

CVE-2018-20103

CVE-2018-20103 affects HAProxy versions up to 1.8.14 (and related 1.8.x lineage); a crafted DNS response with a compressed pointer can cause infinite recursion or long pointer chains, leading to stack exhaustion and denial of service. The issue originates in dns.c when validating DNS responses. R...

CVE-2018-20103

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion...

CVE-2018-20103

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion...

CVE-2014-4883

resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets...

Buffer overflow

Multiple buffer overflows in the phpparserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted DNS record, related to the dnsgetrecord function and the...

CVE-2014-3597

Multiple buffer overflows in the phpparserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted DNS record, related to the dnsgetrecord function and the...

CVE-2012-3517

Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service daemon crash via vectors related to failed DNS requests...