3 matches found
CVE-2025-47775 Bullfrog's DNS over TCP bypasses domain filtering
Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue...
UBUNTU-CVE-2019-18792
An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet containing the data will be ignored by...
CVE-2019-18792
CVE-2019-18792 affects Suricata 5.0.0, enabling evasion of TCP-based signatures by overlapping a TCP segment with a fake FIN packet, causing the PUSH ACK carrying data to be ignored. The fake FIN packet is accepted (ACK not set) while the legitimate packet is dropped due to overlap; affected Linu...