Lucene search
K

10 matches found

CVE
CVE
added 2026/02/04 9:18 p.m.29 views

CVE-2026-25518

Summary: CVE-2026-25518 affects cert-manager-controller in Kubernetes clusters. In versions 1.18.0–1.18.4 and 1.19.0–1.19.2, the controller performs DNS lookups during ACME DNS-01 processing using unencrypted DNS, allowing an attacker able to intercept DNS traffic from the cert-manager pod to ins...

5.9CVSS5.4AI score0.00349EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2025/09/09 7:19 p.m.14 views

CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion

Summary The CoreDNS etcd plugin contains a TTL confusion vulnerability where lease IDs are incorrectly used as TTL values, enabling cache pinning for very long periods. This can effectively cause a denial of service for DNS updates/changes to affected services. Details In plugin/etcd/etcd.go, the...

7.1CVSS6.7AI score0.00407EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/05/17 12:0 a.m.6 views

EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2025-1568)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server...

6.5CVSS6.5AI score0.0197EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.4 views

PT-2024-36978 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.13.0-rc1-00028-g4b50c3c3b998-dirty Description: A NULL pointer dereference issue has been resolved in the Linux kernel's iommu/vt-d component. The issue occurs when trying to map pages to a nested parent domai...

5.5CVSS7.4AI score0.0018EPSS
Exploits0References13
OSV
OSV
added 2024/11/06 8:15 a.m.4 views

ALPINE-CVE-2024-9681

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

6.5CVSS6.9AI score0.0197EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.3 views

curl 安全漏洞

curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl versions 7.74.0 through 8.10.1, which stems from the expiration of a child domain name overwriting the cache entry of the parent domain name when curl is required to use HTTP Strict...

6.5CVSS6.6AI score0.0197EPSS
Exploits1References4
OSV
OSV
added 2024/11/06 12:0 a.m.4 views

UBUNTU-CVE-2024-9681

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

6.5CVSS7.2AI score0.0197EPSS
Exploits1References5
OSV
OSV
added 2021/06/02 1:21 p.m.5 views

USN-4976-1 dnsmasq vulnerability

Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in certain configurations. A remote attacker could possibly use this issue to facilitate DNS cache poisoning attacks...

4.3CVSS7.2AI score0.01988EPSS
Exploits1References2
CNVD
CNVD
added 2017/04/27 12:0 a.m.10 views

Cisco ASA Software DNS Denial of Service Vulnerability

Cisco Adaptive Security Appliance ASA Software is the core operating system for the Cisco ASA family. A denial of service vulnerability in the DNS code of Cisco ASA Software can be exploited by an attacker to cause an affected device to reload or corrupt information in the device's local DNS cach...

8.7CVSS8.3AI score0.02392EPSS
Exploits0References1
Nmap
Nmap
added 2010/06/12 2:25 a.m.519 views

dns-cache-snoop NSE Script

Performs DNS cache snooping against a DNS server. There are two modes of operation, controlled by the dns-cache-snoop.mode script argument. In nonrecursive mode the default, queries are sent to the server with the RD recursion desired flag set to 0. The server should respond positively to these...

10CVSS9.3AI score0.99448EPSS
Exploits33
Rows per page
Query Builder