38 matches found
CVE-2025-1673
A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash denial of service or an incorrect computation...
CVE-2022-50789
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory with .dns.pid extension. Unauthenticated attackers can execute the malicious commands by making a single HTTP POST request to the...
EUVD-2025-5069
Malicious code in bioql PyPI...
CVE-2025-24294
The attack vector is a potential Denial of Service DoS. The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses suc...
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service DDoS malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States. "From 2020 to 2023, the XorDDoS trojan has increased significantly...
Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter...
CVE-2024-52615 Avahi: avahi wide-area dns uses constant source port
A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the...
CVE-2024-27227
A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues...
Information Disclosure
github.com/helm/helm is vulnerable to Information Disclosure. The vulnerability is due to the DNS lookup chart that can disclose IP addresses to a malicious DNS server, which are used to lookup IP addresses when used with the helm install|upgrade|template command via the vulnerable getHostByName...
Remote Code Execution (RCE)
libspf2 is vulnerable to remote code execution. The vulnerability exists in SPFrecordexpanddata in spfexpand.c, allowing an attacker to send a malicious SPF DNS record to cause overflow data...
DNS Spoofing
dnslib is vulnerable to DNS spoofing attacks. A remote unauthenticated attacker is able to potentially deceive the user with a malicious DNS ID because the library does not verify whether the ID value in a DNS reply matches an ID value in a query...
GHSA-369H-PJR2-6WRH Uncontrolled recursion in trust-dns-proto
There's a stack overflow leading to a crash when Trust-DNS's parses a malicious DNS packet. Affected versions of this crate did not properly handle parsing of DNS message compression RFC1035 section 4.1.4. The parser could be tricked into infinite loop when a compression offset pointed back to th...
Juniper Junos OS DoS (JSA11054)
The version of Junos OS installed on the remote host is affected by a denial of service vulnerability as referenced in the JSA11054 advisory. When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43441)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in the Umbrella Connector component of Cisco IOS XE used in Cisco Catalyst 9200 series switches, which can be exploited by an attacker by...
Code injection
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive. To exploit the vulnerability, an authenticated attacker could send malicious DNS queries...
Exploit for Improper Input Validation in Microsoft
CVE-2020-1350 SIGRed - Windows DNS DoS Exploit Credits for...
Denial Of Service (DoS)
musl is vulnerable to denial of service. A buffer overflow in the dnsparsecallback in network/lookupname.c allows an attacker to crash the application via malicious DNS replies due to an unrestricted number of A record replies to an AAAA query...
Stack overflow when parsing malicious DNS packet
There's a stack overflow leading to a crash when Trust-DNS's parses a malicious DNS packet. Affected versions of this crate did not properly handle parsing of DNS message compression RFC1035 section 4.1.4. The parser could be tricked into infinite loop when a compression offset pointed back to th...
RUSTSEC-2018-0007 Stack overflow when parsing malicious DNS packet
There's a stack overflow leading to a crash when Trust-DNS's parses a malicious DNS packet. Affected versions of this crate did not properly handle parsing of DNS message compression RFC1035 section 4.1.4. The parser could be tricked into infinite loop when a compression offset pointed back to th...