12 matches found
EUVD-2020-18348
Malware in sbrugna...
EUVD-2025-28273
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-25686
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a...
OESA-2025-1812 python-pycares security update
pycares is a Python module which provides an interface to c-ares.c-ares is a C library that performs DNS requests and name resolutions asynchronously. Security Fixes: pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name...
NewStart CGSL CORE 5.05 / MAIN 5.05 : dnsmasq Multiple Vulnerabilities (NS-SA-2021-0183)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has dnsmasq packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service memory...
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw...
A flaw was found in dnsmasq before version 2.83. When receiving a query dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default a maximum of 150 pending queries can be sent to upstream servers so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
...
Amazon Linux 2 : dnsmasq (ALAS-2021-1587)
The version of dnsmasq installed on the remote host is prior to 2.76-16. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1587 advisory. A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:replyquery if th...
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw...
ALPINE-CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the...
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw...
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw...