CVE-2026-34526

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against /^\d+.\d+.\d+.\d+$/. This...

Affirm: Subdomain takeover due to non registered TLD [ ██████████.█████.██████.com ]

Summary: I was looking at recent disclosed report 1297689 and I was thinking to take a look for the same issue on this asset as I love to test for subdomain takeover vulnerabilities. While testing I noticed a DNS entry for ███████.████.██████████.com is CNAME ████.███████████ which's TLD is not...

Google SSRF vulnerability analysis: the use of Google application tool found inside Google DNS information-vulnerability warning-the black bar safety net

! 1 the end of the month, I found the Google applications Suite G Suite website toolbox. googleapps. com the presence of SSRF vulnerability through the vulnerability can further query the Google internal DNS server, access to Google's internal IP address, DNS records and a variety of server host...

The use of ssrf vulnerability to obtain google internal dns information-vulnerability warning-the black bar safety net

Late January, I found and to the Google VRP sector report, the toolbox. googleapps. com a server-side request forgery vulnerability（ssrf）。 Can be used to discover and query Google's internal DNS server, to extract a variety of company information, such as company internal use internal IP address,...

openSUSE Security Update : samba (openSUSE-2016-359)

"This update for samba fixes the following issues : Version update to 4.1.23. + Getting and setting Windows ACLs on symlinks can change permissions on link target; CVE-2015-7560; bso11648 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

openSUSE: Security Advisory for samba (openSUSE-SU-2016:0813-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Samba Internal DNS Server Out-of-Bounds Read Vulnerability

Samba is a freeware implementation of the SMB protocol on Linux and UNIX systems, consisting of a server and a client program. When Samba versions 4.0.0 through 4.4.0rc3 are deployed as an AD DC and running an internal DNS server, an out-of-bounds read vulnerability exists in the processing of DN...

CVE-2016-0771

The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from process memory by...

[slackware-security] samba (SSA:2014-175-04)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security samba SSA:2014-175-04 New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

CVE-2014-0239

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service CPU and bandwidth consumption via a forged response packet that triggers a...

squid security and bug fix update

7:3.1.10-16 - Resolves: 888198 - CVE-2012-5643: improved upstream patch 7:3.1.10-15 - Reverts: 861062 - Squid delays on FQDNs that don't contains AAAA record 7:3.1.10-14 - Resolves: 888198 - CVE-2012-5643: patch 7:3.1.10-13 - Resolves: 888198 - CVE-2012-5643: DoS excessive resource consumption...

CVE-2010-2952

Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafte...

nginx internal DNS cache poisoning

nginx maintains an internal DNS cache for resolved domain names. However, when searching the cache, nginx only checks that the crc32 of the names match and that the shorter name is a prefix of the longer name. It does not check that the names are equal in length. One way to exploit this is if ngi...