EUVD-2026-38449

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

EUVD-2026-32886

In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdmacopypduresp Sashiko points out that pd-uctx isn't initialized until late in the function so all these error flow references are NULL and will crash. Use the uctx that isn't NU...

EUVD-2026-13796

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...

PT-2026-23408

Name of the Vulnerable Software and Affected Versions Zephyr RTOS affected versions not specified Description The dns unpack name function in Zephyr RTOS contains a flaw where it caches the buffer tailroom and reuses it when appending DNS labels. As the buffer expands, the cached size becomes...

cert-manager-controller DoS via Specially Crafted DNS Response

Impact The cert-manager-controller performs DNS lookups during ACME DNS-01 processing for zone discovery and propagation self-checks. By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a...

UBUNTU-CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

Linux Distros Unpatched Vulnerability : CVE-2023-5517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receiv...

Exploit for Improper Input Validation in Microsoft

This is a PoC Proof of Concept exploit for CVE-2020-1350, also known as SigRed. The exploit is designed to target DNS servers and allows for remote code execution. The exploit is written in Python and consists of several files: configure.py: This script is used to set up the payload and Apache HT...

Contiki Security Vulnerabilities

Contiki is an open source cross-platform operating system for IoT Internet of Things devices. Contiki 3.0 suffers from a security vulnerability that stems from parsing incoming DNS packets without checking if the domain name ends in null. This allows an attacker to compromise memory with a crafte...

systemd-resolved denial of service vulnerability

systemd-resolved is a system service used to manage network name resolution. A denial of service vulnerability exists in systemd-resolved version 233 and earlier. A remote attacker could use this vulnerability to cause a denial of service daemon crash with a specially crafted DNS response...

PT-2017-18793 · Systemd +2 · Systemd-Resolved +2

Name of the Vulnerable Software and Affected Versions: systemd-resolved versions through 233 Description: The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, via a crafted DNS response with an empty question section. Recommendations: For versions through...

CVE-2017-6607

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker...

DEBIAN-CVE-2003-0688

The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service process crash via an invalid DNS response that causes Sendmail to free incorrect data...