Lucene search
K

35 matches found

UbuntuCve
UbuntuCve
added 2026/04/17 1:16 p.m.7 views

CVE-2026-6507

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/17 12:23 p.m.3 views

CVE-2026-6507

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.8 views

PT-2026-33448

Name of the Vulnerable Software and Affected Versions dnsmasq affected versions not specified Description A remote attacker can trigger an out-of-bounds write by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a server configured with the --dhcp-split-relay option. This...

7.5CVSS5.3AI score0.00482EPSS
Exploits0References34
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.3 views

MiracleLinux 7 : dnsmasq-2.76-16.el7.1 (AXSA:2021-1266:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1266:01 advisory. dnsmasq: loose address/port check in replyquery makes forging replies easier for an off-path attacker CVE-2020-25684 dnsmasq: loose query name check...

4.3CVSS6.9AI score0.04873EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-6464

Malware in sbrugna...

5.9CVSS5.7AI score0.0123EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2020-18346

Malware in sbrugna...

4.3CVSS6.4AI score0.04041EPSS
Exploits2References25
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-18347

Malware in sbrugna...

4.3CVSS6.4AI score0.02181EPSS
Exploits2References24
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-26773

Malware in sbrugna...

4.3CVSS4.7AI score0.01988EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-14312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it...

5.9CVSS6.3AI score0.0123EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/06/23 10:52 p.m.5 views

dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232

A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...

7.5CVSS5.7AI score0.01345EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/27 3:12 p.m.6 views

dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232

A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...

7.5CVSS5.7AI score0.01345EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:53 a.m.4 views

SUSE CVE-2020-25684

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:replyquery if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query,...

5.4CVSS6.4AI score0.04041EPSS
Exploits2References12
OSV
OSV
added 2022/08/29 3:15 p.m.1 views

DEBIAN-CVE-2022-0934

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...

7.5CVSS7.5AI score0.01499EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/08/29 2:3 p.m.3 views

CVE-2022-0934

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...

7.5AI score0.01499EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/01/01 12:0 a.m.3 views

Dnsmasq 缓冲区错误漏洞

dnsmasq is a lightweight DNS forwarding and DHCP, TFTP server written in C. Dnsmasq 2.86 suffers from a buffer error vulnerability that stems from having a heap-based buffer overflow in answerrequest called from FuzzAnswerTheRequest and fuzzrfc1035.c...

9.8CVSS8.5AI score0.02447EPSS
Exploits1References6
Microsoft CVE
Microsoft CVE
added 2021/04/23 7:0 a.m.4 views

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface dnsmasq uses a fixed port while forwarding queries. An attacker on the network able to find the outgoing port used by dnsmasq only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.

...

4.3CVSS7AI score0.01988EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2021/04/08 10:6 p.m.2 views

CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...

6.1AI score0.01988EPSS
Exploits1References6
OSV
OSV
added 2021/02/06 12:15 a.m.4 views

UBUNTU-CVE-2020-14312

A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not...

5.9CVSS6.8AI score0.0123EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/02/03 4:14 p.m.2 views

dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker

A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:replyquery if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially...

4.3CVSS7.2AI score0.04041EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2021/02/03 10:39 a.m.2 views

dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker

A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw...

4.3CVSS7.2AI score0.04873EPSS
Exploits2References6
Rows per page
Query Builder