Lucene search
K

150 matches found

RedHat Linux
RedHat Linux
added 3 days ago10 views

dnsmasq: NSEC bitmap parsing infinite loop

A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...

7.5CVSS6.1AI score0.07237EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing...

5.9CVSS6.2AI score0.00406EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in dnsmasq

A vulnerability was discovered in dnsmasq prior to version 2.81. This vulnerability involves a memory leak, allowing remote attackers to cause a denial of service due to excessive memory consumption through mechanisms related to DHCP response creation...

4.3CVSS5.5AI score0.02664EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in dnsmasq

A single-byte, non-arbitrary write/use-after-free flaw was discovered in dnsmasq. This flaw allows an attacker to send a crafted packet processed by dnsmasq, potentially causing a denial of service...

7.5CVSS7.2AI score0.01487EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.7 views

Slackware Linux 15.0 / current dnsmasq Vulnerability (SSA:2026-155-01)

The version of dnsmasq installed on the remote host is prior to 2.93. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-155-01 advisory. New dnsmasq packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

7.3CVSS5.6AI score0.00754EPSS
Exploits1References2
Wolfi
Wolfi
added 2026/06/04 7:48 p.m.11 views

GHSA-57VP-FFX7-7GM6 vulnerabilities

Vulnerabilities for packages: dnsmasq...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/06/04 7:48 p.m.14 views

CVE-2026-5172 vulnerabilities

Vulnerabilities for packages: dnsmasq...

7.5CVSS5.8AI score0.00933EPSS
Exploits1
Chainguard
Chainguard
added 2026/06/04 7:17 p.m.11 views

CVE-2026-4893 vulnerabilities

Vulnerabilities for packages: dnsmasq...

5.3CVSS5.8AI score0.02681EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.7 views

Ubuntu 14.04 LTS : Dnsmasq vulnerability (USN-8311-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8311-1 advisory. Petr Menk discovered that Dnsmasq incorrectly handled certain input in the dhcprelease utility. A local attacker could possibly use this issue to cause Dnsmasq to...

6.9CVSS5.8AI score0.00182EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/27 5:49 a.m.108 views

Exploit for CVE-2026-5172

CVE20265172poc CVE-2026-5172: buffer overflow in extractaddre...

7.3CVSS6AI score0.00933EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/05/19 4:15 p.m.10 views

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References5
OSV
OSV
added 2026/05/15 10:44 a.m.5 views

SUSE-SU-2026:21677-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Security issues: - CVE-2026-2291: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds re...

8.8CVSS6AI score0.07237EPSS
Exploits4References17
SUSE CVE
SUSE CVE
added 2026/05/13 3:48 a.m.13 views

SUSE CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

8.4CVSS6.2AI score0.00812EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.7 views

Fedora 45 : dnsmasq (2026-e58a6acf77)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e58a6acf77 advisory. Automatic update for dnsmasq-2.92rel2-9.fc45. Changelog Tue May 12 2026 Petr Menk - 2.92rel2-9 - Update to 2.92rel2 rhbz2469245 Mon Apr 20 2026 Petr Menk -...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/11 6:31 p.m.11 views

EUVD-2026-29153

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

5.3CVSS5.8AI score0.06226EPSS
Exploits0References3
OSV
OSV
added 2026/05/11 6:16 p.m.9 views

ALPINE-CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

8.4CVSS6.2AI score0.00812EPSS
Exploits1References1
NVD
NVD
added 2026/05/11 6:16 p.m.12 views

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS0.02681EPSS
Exploits2References6
NVD
NVD
added 2026/05/11 6:16 p.m.14 views

CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

7.5CVSS0.07237EPSS
Exploits0References13
AlpineLinux
AlpineLinux
added 2026/05/11 4:48 p.m.11 views

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.19 views

Linux Distros Unpatched Vulnerability : CVE-2026-2291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS...

7.3CVSS5.7AI score0.00754EPSS
Exploits1References2
Rows per page
Query Builder