CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

CVE•added 2026/03/20 7:59 p.m.•11 views

CVE-2026-4438

CVE-2026-4438 concerns gethostbyaddr/gethostbyaddr_r built against an NSS DNS backend as configured in glibc (versions 2.34–2.43). The issue can cause an invalid DNS hostname to be returned to the caller, violating DNS specifications. Details originate from NVD/CVE records and the Sourceware bug ...

5.4CVSS5.8AI score0.00066EPSS

Exploits1References1Affected Software1

CNNVD•added 2026/03/20 12:0 a.m.•3 views

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C programming language library published by the GNU community under the LGPL license. Versions of the GNU C Library 2.34 to 2.43 contain security vulnerabilities. These vulnerabilities arise from the gethostbyaddr or gethostbyaddrr functions potentially...

5.4CVSS5.8AI score0.00066EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 3:11 p.m.•5 views

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

9.3CVSS7.3AI score0.29014EPSS

Exploits1References1

SUSE CVE•added 2023/02/15 3:59 a.m.•1 views

SUSE CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

9.3CVSS9.1AI score0.29014EPSS

Exploits1References3

Ubuntu•added 2021/05/03 8:44 p.m.•147 views

USN-4931-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

6.8CVSS7AI score0.01764EPSS

Exploits0

Tenable Nessus•added 2020/07/21 12:0 a.m.•45 views

openSUSE Security Update : ldb / samba (openSUSE-2020-1023)

"This update for ldb, samba fixes the following issues : Changes in samba : - Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; bso14364 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

7.8CVSS6.4AI score0.26364EPSS

Exploits0References19

OSV•added 2020/06/17 11:15 a.m.•1 views

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

9CVSS5.9AI score

Exploits0References8

NVD•added 2020/06/17 11:15 a.m.•18 views

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

9.3CVSS0.29014EPSS

Exploits1References8

Prion•added 2020/06/17 11:15 a.m.•24 views

Remote code execution

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

9.3CVSS9.3AI score0.29014EPSS

Exploits1References8Affected Software1

CVE•added 2020/06/17 10:34 a.m.•262 views

CVE-2020-11901

CVE-2020-11901 affects the Treck TCP/IP stack (embedded) where the DNS resolver branch can be triggered by a single invalid DNS response to allow Remote Code Execution. The issue exists in Treck IP stack prior to 6.0.1.66; exploitation is network-based and rated CRITICAL (CVSSv3: AV:N/AC:H/PR:N/U...

9.3CVSS9.2AI score0.29014EPSS

In wildExploits1References8Affected Software1

Cvelist•added 2020/06/17 10:34 a.m.•16 views

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

9.4AI score0.29014EPSS

Exploits1References8

securityvulns•added 2010/02/04 12:0 a.m.•71 views

[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1991-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 04, 2010 http://www.debian.org/security/faq -...

5CVSS0.4AI score0.60658EPSS

Exploits1

securityvulns•added 2009/03/02 12:0 a.m.•24 views

dkim-milter Domain Keys authentication filter DoS

Crash on invalid DNS kay...

2.3AI score

Exploits0References1Affected Software1

Tenable Nessus•added 2007/07/18 12:0 a.m.•18 views

Mandrake Linux Security Advisory : perl-Net-DNS (MDKSA-2007:146)

A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data CVE-2007-3377. A denial of service vulnerability was found in how Net::DNS parsed certain DNS...

7.5CVSS7AI score0.18031EPSS

Exploits1References2

FreeBSD•added 2005/07/21 12:0 a.m.•31 views

dnrd -- remote buffer and stack overflow vulnerabilities

Natanael Copa reports that dnrd is vulnerable to a remote buffer overflow and a remote stack overflow. These vulnerabilities can be triggered by sending invalid DNS packets to dnrd. The buffer overflow could potentially be used to execute arbitrary code with the permissions of the dnrd daemon. No...

7.3AI score

Exploits0

Tenable Nessus•added 2004/08/18 12:0 a.m.•12 views

DeleGate < 8.11.6 Invalid DNS Response DoS

Binary data 3522.prm...

5CVSS7.3AI score0.02112EPSS

Exploits0References1

NVD•added 2003/10/20 4:0 a.m.•14 views

CVE-2003-0688

The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service process crash via an invalid DNS response that causes Sendmail to free incorrect data...

5CVSS6.7AI score0.01711EPSS

Exploits0References8

OSV•added 2003/10/20 4:0 a.m.•5 views

CVE-2003-0688

7AI score

Exploits0References9

securityvulns•added 2002/01/29 12:0 a.m.•40 views

DoS против MaraDNS

Некорректный DNS-пакет приводит к краху сервера...

0.6AI score

Exploits0Affected Software1

Rows per page