Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-0929

Malware in sbrugna...

5.9CVSS7AI score0.02066EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1368

Malware in sbrugna...

7.5CVSS7.6AI score0.01852EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-17419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in setTA in scanrr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone parsing error causes a segmentation violation...

7.5CVSS6.1AI score0.0176EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-19794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The...

5.9CVSS6.8AI score0.02066EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.5 views

SUSE CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS7.1AI score0.02066EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/28 12:0 a.m.7 views

go-resolver 数据伪造问题漏洞

go-resolver is a Golang DNSSEC validation parser library implemented on top of miekg/dns by the peterzen personal developer. A security vulnerability exists in go-resolver, which stems from DNSSEC authentication not being performed correctly...

6.5CVSS6.5AI score0.00227EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/06/29 9:45 p.m.36 views

Denial of Service in miekg-dns

A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...

7.5CVSS3AI score0.01852EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2021/06/29 9:45 p.m.13 views

GHSA-P55X-7X9V-Q8M4 Denial of Service in miekg-dns

A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...

7.5CVSS7.2AI score0.01852EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2021/05/18 9:9 p.m.50 views

miekg/dns insecurely generates random numbers

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS6.1AI score0.02066EPSS
Exploits1References10Affected Software1
OSV
OSV
added 2021/05/18 9:9 p.m.39 views

GHSA-44R7-7P62-Q3FR miekg/dns insecurely generates random numbers

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS5.8AI score0.02066EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2021/05/18 6:34 p.m.39 views

miekg/dns parsing error leads to nil pointer dereference and DoS

An issue was discovered in setTA in scanrr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone parsing error causes a segmentation violation, leading to denial of service...

7.5CVSS7.1AI score0.0176EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2020/11/05 11:59 a.m.37 views

CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS3.1AI score0.02066EPSS
Exploits1References3
Veracode
Veracode
added 2019/12/16 6:41 a.m.35 views

Insecure Random Generator

github.com/miekg/dns uses an insecure random generation for transaction IDs. The default Id function uses an insecure math/rand function, resulting in predictable output and allowing an attacker to exploit the vulnerability to forge responses without being on path...

5.9CVSS2.4AI score0.02066EPSS
Exploits1References7Affected Software1
CNVD
CNVD
added 2019/12/16 12:0 a.m.2 views

Unspecified vulnerability in miekg Go DNS package

miekg Go DNS package is a DNS server software package. A security vulnerability exists in miekg Go DNS package versions prior to 1.1.25 used in CoreDNS versions prior to 1.6.6 and other products, which stems from the program not properly generating random numbers. An attacker can exploit the...

5.9CVSS9AI score0.02066EPSS
Exploits1References1
OSV
OSV
added 2019/12/13 10:15 p.m.29 views

CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS6.6AI score
Exploits0References5
OSV
OSV
added 2019/12/13 10:15 p.m.4 views

DEBIAN-CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS8.6AI score0.02066EPSS
Exploits1References1
OSV
OSV
added 2019/12/13 10:15 p.m.11 views

UBUNTU-CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS6.8AI score0.02066EPSS
Exploits1References7
Prion
Prion
added 2019/12/13 10:15 p.m.24 views

Design/Logic Flaw

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

4.3CVSS5.8AI score0.02066EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2019/12/13 10:15 p.m.30 views

CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS6.9AI score0.02066EPSS
Exploits1References6
CVE
CVE
added 2019/12/13 9:46 p.m.212 views

CVE-2019-19794

The CVE-2019-19794 issue affects the miekg/dns Go DNS package prior to 1.1.25 (used by CoreDNS before 1.6.6 and other products). The root cause is use of math/rand for TXID generation, making TXIDs predictable and enabling response forgery. Remediation: update to miekg/dns v1.1.25 or later (and C...

5.9CVSS5.8AI score0.02066EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder