112 matches found
CVE-2026-14461
mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...
CVE-2026-14461 Out-of-bound read in mtr
mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...
CVE-2026-14461
mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...
EUVD-2026-42866
mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...
CVE-2026-14461
The CVE-2026-14461 entry affects mtr up to version 0.96, where ipinfo_lookup() performs DNS AS lookups and can be triggered by a TXT response larger than 512 bytes with a crafted compression pointer, causing an out-of-bounds read. The function uses the response length as the end-of-message bounda...
Astra Linux – Vulnerability in mtr
In certain privileged contexts, mtr mishandles the execution of a program specified by the MTRPACKET environment variable. NOTE: On macOS, mtr may often be subject to sudo rules, as a direct result of Homebrew not installing setuid binaries...
Azure Linux 3.0 Security Update: mtr (CVE-2025-49809)
The version of mtr installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49809 advisory. - mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET...
EUVD-2000-0171
Malware in sbrugna...
EUVD-2004-1221
Malware in sbrugna...
EUVD-2002-0493
Malware in sbrugna...
EUVD-2008-2353
Malware in sbrugna...
EUVD-2025-20020
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-38249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nagios XI v5.8.6 was discovered to contain a cross-site scripting XSS vulnerability via the MTR component in version 1.0.4. CVE-2022-38249 Note that Nessus reli...
Important: mtr
Issue Overview: mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. CVE-2025-49809 Affected Packages: mtr Issue Correction: Run dnf update mtr --releasever 2023.8.20250808 or dnf update --advisory ALAS2023-2025-1102...
Linux Distros Unpatched Vulnerability : CVE-2025-49809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. NOTE: mtr on macOS may ofte...
ROS-20250806-12
A vulnerability in the mtr network diagnostic tool is related to improper handling of an item specified in the MTRPACKET environment variable. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
Amazon Linux 2023 : mtr, mtr-gtk (ALAS2023-2025-1102)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1102 advisory. mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. CVE-2025-49809 Tenable has extracted the preceding description block...
Amazon Linux 2 : mtr (ALAS-2025-2937)
The version of mtr installed on the remote host is prior to 0.92-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2937 advisory. mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable...
Important: mtr
Issue Overview: mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. CVE-2025-49809 Affected Packages: mtr Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...
CVE-2025-49809 affecting package mtr for versions less than 0.95-3
CVE-2025-49809 affecting package mtr for versions less than 0.95-3. A patched version of the package is available...