CVE-2026-26952 Pi-hole Web Interface has Stored HTML Injection via Local DNS Records (CNAME/Hosts) in data-tag Attribute

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.4 and below are vulnerable to stored HTML injection through the local DNS records configuration page, which allows an authenticated administrator to inject cod...

PHASE: Passive Human Activity Simulation Evaluation

Cybersecurity simulation environments, such as cyber ranges, honeypots, and sandboxes, require realistic human behavior to be effective, yet no quantitative method exists to assess the behavioral fidelity of synthetic user personas. This paper presents PHASE Passive Human Activity Simulation...

Incus Allocation of Resources Without Limits allows firewall rule bypass on managed bridge networks

Summary When using an ACL on a device connected to a bridge, Incus generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to DHCP pool exhaustion and opens the door for...

PR-DNSd - Passive-Recursive DNS Daemon

Passive-Recursive DNS daemon. Quickstart nameserver 127.0.0.1 | sudo tee /etc/resolv.conf dig google.com dig -x $dig +short google.com" go get github.com/korc/PR-DNSd sudo setcap capnetbindservice,capsyschroot=ep go/bin/PR-DNSd go/bin/PR-DNSd -upstream 9.9.9.9:53 -listen 127.0.0.1:53 echo...

[SECURITY] Fedora 25 Update: knot-resolver-1.3.2-1.fc25

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

[SECURITY] Fedora 24 Update: knot-resolver-1.3.1-1.fc24

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

Cisco IOS Software DNS Forwarder Denial of Service Vulnerability (cisco-sa-20160928-dns)

A vulnerability in the DNS forwarder functionality of Cisco IOS could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present in the device SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced source...

Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020)

Hello BugTraq, The Microsoft Windows DNS stub resolver the component in Windows that queries the upstream DNS server for address resolutions on behalf of most Windows programs, e.g. browsers sends predictable DNS queries with respect to DNS transaction ID and source UDP port. This allows some...