UBUNTU-CVE-2026-32283

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

CVE-2025-14591 PII Leak Due to Change in EOR Handling

In Delphix Continuous Compliance version 2025.3.0 and later, following a recent bug fix to correctly handle CR+LF Windows and DOS End-of-Record EOR characters in delimited files, an issue was identified: using an incorrect EOR configuration can cause inaccurate parsing and leave personally...

CVE-2025-14591

Summary (CVE-2025-14591) Delphix Continuous Compliance (version 2025.3.0 and later) has an issue related to End-of-Record (EOR) handling in delimited files after a recent fix for CR+LF handling. An incorrect EOR configuration can cause inaccurate parsing and may leave PII unmasked. Other connecte...

CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

CVE-2018-20892

cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling SEC-439...

USN-7241-1 bind9 vulnerabilities

Toshifumi Sakaguchi discovered that Bind incorrectly handled many records in the additional section. A remote attacker could possibly use this issue to cause Bind to consume CPU resources, leading to a denial of service. CVE-2024-11187 Jean-François Billaud discovered that the Bind DNS-over-HTTPS...

PT-2023-8932 · Maradns +2 · Maradns +2

Name of the Vulnerable Software and Affected Versions: MaraDNS versions 3.5.0024 and prior Description: MaraDNS is open-source software that implements the Domain Name System DNS. A remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to...

Design/Logic Flaw

cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling SEC-439...

CVE-2016-2120

An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to an integer overfl...

Microsoft PowerPoint Converter TPrint Record Handling Error (MS09-017) - Ver2 (CVE-2009-0227)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A stack buffer overrun vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafte...

MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Important: Red Hat Security Advisory: bind security update

Updated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RHEL 5 : gnutls (RHSA-2012:0428)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0428 advisory. - gnutls: buffer overflow in gnutlssessiongetdata GNUTLS-SA-2011-2 CVE-2011-4128 - libtasn1: DER decoding buffer overflow GNUTLS-SA-2012-3,...

gnutls: TLS record handling issue (GNUTLS-SA-2012-2, MU-201202-01)

gnutlscipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service heap memory corruption and application crash via a crafted record, as demonstrated by a crafted...

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

Microsoft Excel FNGROUPNAME Record Uninitialized Memory (MS10-017; CVE-2010-0262)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this flaw ...

PT-2003-1004 · Openssl +1 · Openssl +1

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.6i OpenSSL versions prior to 0.9.7a OpenSSL-0.9.5a OpenSSL-0.9.6b OpenSSL-devel-0.9.5a OpenSSL-devel-0.9.6b OpenSSL-devel-0.9.6 ssleay affected versions not specified Description: The issue is related to multiple...