7585 matches found
CVE-2026-33254
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
CVE-2026-33595
A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...
CVE-2026-33254
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
CVE-2026-33611
CVE-2026-33611 affects the Authoritative server when using the LMDB backend. An operator with REST API access can cause the server to produce invalid HTTPS or SVCB record data, which can lead to LMDB database corruption. The underlying issue is insufficient validation of HTTPS/SVCB records via RE...
CVE-2026-33594
CVE-2026-33594 describes a memory exhaustion issue where a client floods a DoH backend with queries, causing excess memory allocation as queries accumulate in a buffer that is only released at the end of the connection. The connected sources confirm the root cause (buffer growth tied to overloade...
CVE-2026-33594 Outgoing DoH excessive memory allocation
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...
CVE-2026-33594
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...
CVE-2026-33594 Outgoing DoH excessive memory allocation
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...
CVE-2026-33595 DoQ/DoH3 excessive memory allocation
A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...
CVE-2026-33595 DoQ/DoH3 excessive memory allocation
A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...
CVE-2026-33595
A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...
CVE-2026-33595
The connected documents independently confirm CVE-2026-33595 affects PowerDNS DNSdist, describing a flaw where a client can trigger excessive memory allocation by generating many error responses over a single DoQ/DoH3 connection, with resources not released until connection end. This is the state...
CVE-2026-33254 Resource exhaustion via DoQ/DoH3 connections
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
CVE-2026-33254 Resource exhaustion via DoQ/DoH3 connections
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
CVE-2026-33254
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
CVE-2026-33254
An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...
CVE-2026-33254
CVE-2026-33254 affects PowerDNS DNSdist. An attacker can open a large number of concurrent DoQ/DoH3 connections, causing unbounded memory allocation and denial of service. DoQ/DoH3 are disabled by default, which mitigates impact per the sources; no patch/version details are provided in the docume...
PT-2026-34436
Name of the Vulnerable Software and Affected Versions DNSdist affected versions not specified Description An attacker can create a large number of concurrent DoQ DNS over QUIC or DoH3 DNS over HTTP/3 connections, causing unlimited memory allocation and leading to a denial of service. DoQ and DoH3...
Linux Distros Unpatched Vulnerability : CVE-2026-33594
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into...
PowerDNS DNSdist 安全漏洞
PowerDNS DNSdist is a proxy software provided by PowerDNS that offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability, which stems from the ability of attackers to create a large number of concurrent DoQ or DoH3 connections, leadi...