CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

68 matches found

OSV•added 2026/05/11 6:16 p.m.•3 views

ALPINE-CVE-2026-5172

A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...

7.3CVSS6AI score0.00612EPSS

Exploits1References1

CVE•added 2026/05/11 4:48 p.m.•30 views

CVE-2026-5172

dnsmasq has a CVE-2026-5172 vulnerability: a buffer overflow in extract_addresses() can cause a heap out-of-bounds read and crash when processing a malformed DNS response. Exploitation is network-based (no user interaction). Remediation in the public advisories includes upgrading dnsmasq to a fix...

7.3CVSS6AI score0.00612EPSS

Exploits1References6

AlpineLinux•added 2026/05/11 4:48 p.m.•8 views

CVE-2026-5172

7.3CVSS6AI score0.00612EPSS

Exploits1

CNNVD•added 2026/04/30 12:0 a.m.•6 views

Exim 安全漏洞

Exim is an open-source message transfer agent MTA developed by Exim Foundation and running on Unix systems. It primarily handles the routing, forwarding, and delivery of emails. Prior to Exim 4.99.2, there was a security vulnerability. This vulnerability occurred due to an exception in the octal...

7.5CVSS6AI score0.00362EPSS

Exploits0References1

FreeBSD•added 2026/03/25 12:0 a.m.•5 views

dnsmasq -- multiple vulnerabilities

Simon Kelley reports: Today, 11th May 2026 CERT is releasing a set of six CVEs for serious security vulnerabilities in dnsmasq. These are all long-standing bugs which apply to pretty much all non-ancient versions. Christopher Cullen and Molly Jaconski write, in Vulnerability Note VU471747:...

8.4CVSS6.3AI score0.02625EPSS

Exploits4References2

RedHat Linux•added 2025/11/06 3:50 p.m.•3 views

bind: Resource exhaustion via malformed DNSKEY handling

A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentiall...

7.5CVSS6AI score0.1096EPSS

Exploits0References4

OpenVAS•added 2025/10/24 12:0 a.m.•5 views

Ubuntu: Security Advisory (USN-7836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.8AI score0.1096EPSS

Exploits1References2

OSV•added 2025/10/22 4:15 p.m.•6 views

AZL-68733 CVE-2025-8677 affecting package bind for versions less than 9.16.50-3

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

7.5CVSS6.7AI score0.1096EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2000-0565

Malware in sbrugna...

5CVSS6.4AI score0.03334EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2006-7036

Malware in sbrugna...

7.8CVSS6.4AI score0.0167EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2015-4207

Malware in sbrugna...

5CVSS6.3AI score0.03491EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2015-3341

Malware in sbrugna...

6.4CVSS7.5AI score0.04456EPSS

Exploits1References16

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2000-0332

Malware in sbrugna...

5CVSS6.4AI score0.07576EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-15667

Malware in sbrugna...

5.8CVSS5.9AI score0.01986EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2006-5405

Malware in sbrugna...

5CVSS6.4AI score0.02541EPSS

Exploits0References7

RedhatCVE•added 2025/05/22 3:26 p.m.•7 views

CVE-2020-27736

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions, Nucleus ReadyStart V3 All versio...

6.5CVSS6.5AI score0.03572EPSS

Exploits0

RedHat Linux•added 2025/01/21 12:46 p.m.•1 views

golang: net: malformed DNS message can cause infinite loop

A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service DoS conditions...

5.9CVSS7.3AI score0.00993EPSS

Exploits0References5

RedHat Linux•added 2024/11/12 9:5 a.m.•24 views

Moderate: Red Hat Security Advisory: toolbox security update

An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.8AI score0.01414EPSS

Exploits0References6

Tenable Nessus•added 2024/11/12 12:0 a.m.•6 views

RHEL 9 : runc (RHSA-2024:9200)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9200 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: net...

5.9CVSS7.5AI score0.00993EPSS

Exploits0References7

RedHat Linux•added 2024/09/24 3:30 a.m.•4 views

golang: net: malformed DNS message can cause infinite loop

5.9CVSS7.3AI score0.00993EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by