CVE-2026-12635 Reliance on Reverse DNS Resolution for a Security-Critical Action in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through...

DEBIAN-CVE-2026-43617

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

CVE-2026-43617

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

CVE-2026-43617

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

PT-2012-4697 · Htcondor · Condor

Name of the Vulnerable Software and Affected Versions: Condor versions prior to 7.8.2 Description: The issue allows remote attackers to bypass host-based authentication and execute certain actions, such as ALLOW ADMINISTRATOR or ALLOW WRITE, by connecting from a system with a spoofed reverse DNS...

SOL2617 - Reverse name resolution vulnerability in SSH - CVE-2003-0386

OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...

Windows XP SP1 gethostbyaddr() flow (Re[3]: mirc32 6.0x crash when resolving dns.)

Dear vulndev, It's definitely bug in Windows XP SP1, as it was supposed by Roland Postle [email protected] To reproduce it: 1. Created zone 1.168.192.in-addr.arpa and add record: 254 IN CNAME non.existant.name 2. Use test program attached 3. I did tests on Windows NT 4.0, Windows 2000 and Windows...