Allocation of Resources Without Limits or Throttling

Overview github.com/coredns/coredns/core/dnsserver is a package that implements all the interfaces from Caddy, so that CoreDNS can be a servertype plugin. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the DoQ server's handling of...

CVE-2026-28519

The CVE-2026-28519 advisory concerns arduino-TuyaOpen prior to 1.2.1, where the DnsServer component is vulnerable to a heap-based overflow. An attacker on the same LAN who controls the local DNS server can send crafted DNS responses to overflow the heap buffer on affected embedded devices, potent...

Allocation of Resources Without Limits or Throttling

Overview github.com/coredns/coredns/core/dnsserver is a package that implements all the interfaces from Caddy, so that CoreDNS can be a servertype plugin. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of resource-limiting...

EUVD-2025-4140

Malicious code in bioql PyPI...

Zyxel VMG8825-T50K 操作系统命令注入漏洞

The Zyxel VMG8825-T50K is an Internet access device from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel VMG8825-T50K V5.50ABOM.8.5C0 and earlier versions, which stems from a command injection in the DNSServer parameter in the diagnostic function, which...

CVE-2025-25901

A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted packet...

CVE-2024-54887

TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root us...

[SECURITY] Fedora 39 Update: squid-6.9-1.fc39

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

SUSE: Security Advisory (SUSE-SU-2019:3319-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for squid (FEDORA-2021-7d86bec29e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-1704)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

An authenticated user can crash the DCE/RPC DNS with

Description Some DNS records such as MX and NS records usually contain data in the additional section. Samba's dnsserver RPC pipe which is an administrative interface not used in the DNS server itself made an error in handling the case where there are no records present: instead of noticing the...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-2110)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-1746)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2020-1746)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerbero...

CVE-2019-14861

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the poorly named dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default...

[SECURITY] Fedora 30 Update: squid-4.10-3.fc30

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

openSUSE: Security Advisory for samba (openSUSE-SU-2019:2700-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : samba (openSUSE-2019-2700)

This update for samba fixes the following issues : - CVE-2019-14861: Fixed a DNSServer RPC server crash, that allowed an authenticated user to crash the DCE/RPC DNS management server by creating records with matching the zone name bsc1158108. - CVE-2019-14870: Fixed a DelegationNotAllowed not bei...