Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2020-25681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An...

8.3CVSS7.1AI score0.45359EPSS
Exploits0References2
Microsoft CVE
Microsoft CVEadded 2021/01/29 8:0 a.m.2 views

A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network who can create valid DNS replies could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However in some code execution paths it is possible extract_name() gets passed an offset from the base buffer thus reducing in practice the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

8.3CVSS7AI score0.34287EPSS
Exploits0
Rows per page
Query Builder