Lucene search
+L

26 matches found

osv
osv
added 6 days ago4 views

DEBIAN-CVE-2026-14461

mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...

5.1CVSS6.1AI score0.00303EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/30 3:50 p.m.8 views

CVE-2026-10652 Out-of-bounds read in Zephyr DNS resolver TXT/SRV record parsing (unvalidated `rdlength`)

Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dnsunpackanswer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...

4.8CVSS5.8AI score0.00252EPSS
Exploits1References2
cvelist
cvelist
added 2026/06/30 3:50 p.m.39 views

CVE-2026-10652 Out-of-bounds read in Zephyr DNS resolver TXT/SRV record parsing (unvalidated `rdlength`)

Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dnsunpackanswer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...

4.8CVSS0.00252EPSS
Exploits1References2
cvelist
cvelist
added 2026/06/04 5:47 p.m.39 views

CVE-2026-41234 Froxlor: BIND Zone File Injection via TXT Record Content

Froxlor is open source server administration software. Prior to version 2.3.7, the DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record...

7.6CVSS0.0027EPSS
Exploits0References3
osv
osv
added 2026/06/03 9:2 p.m.8 views

GHSA-37M5-M4Q3-FC6X Froxlor: BIND Zone File Injection via TXT Record Content

Summary The DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record line in the generated BIND zone file. This enables injection of arbitra...

7.6CVSS6AI score0.0027EPSS
Exploits0References5
metasploit
metasploit
added 2026/04/02 7:2 p.m.152 views

HTTPS Fetch, DNS TXT Record Payload Download and Execution

Fetch and execute an x86 payload from an HTTPS server. Performs a TXT query against a series of DNS records and executes the returned x86 shellcode. The DNSZONE option is used as the base name to iterate over. The payload will first request the TXT contents of the a hostname, followed by b, then ...

6.2AI score
Exploits0
redhatcve
redhatcve
added 2025/12/27 12:5 a.m.7 views

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

7.5CVSS6.8AI score0.00962EPSS
Exploits1References1
nvd
nvd
added 2025/12/26 4:15 p.m.9 views

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

7.5CVSS0.00962EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/12/26 12:0 a.m.4 views

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

6.4AI score0.00962EPSS
Exploits1References2
cve
cve
added 2025/12/26 12:0 a.m.23 views

CVE-2025-57403

Cola Dnslog v1.3.2 is affected by a Directory Traversal vulnerability in the DNS TXT query handling. The root cause is the application concatenating the requested URL (or a portion) with a base path via os.path.join, allowing directory traversal or absolute path injection and potentially exposing...

7.5CVSS6.4AI score0.00962EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2025/12/26 12:0 a.m.8 views

PT-2025-53599

Name of the Vulnerable Software and Affected Versions Cola Dnslog version 1.3.2 Description The application processes DNS queries for TXT records by concatenating the requested URL with a base path using os.path.join. This allows for directory traversal or absolute path injection. Successful...

7.5CVSS6.4AI score0.00962EPSS
Exploits1References9
osv
osv
added 2025/12/26 12:0 a.m.4 views

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

7.5CVSS6.8AI score0.00962EPSS
Exploits1References4
cnnvd
cnnvd
added 2025/12/26 12:0 a.m.4 views

Cola Dnslog 安全漏洞

Cola Dnslog is a no-reply vulnerability detection aid platform for individual AbelChe developers. A security vulnerability exists in Cola Dnslog v1.3.2, which stems from the direct splicing of request URLs and base paths when processing TXT record DNS queries, which may lead to directory traversa...

7.5CVSS6.6AI score0.00962EPSS
Exploits1References3
bdu_fstec
bdu_fstec
added 2024/04/06 12:0 a.m.8 views

The vulnerability of the decomp_get_rddata function in the Decompress.c file of the MaraDNS system’s software allows a attacker to perform a “denial-of-service” attack.

The vulnerability of the decompgetrddata function in the Decompress.c file of the MaraDNS system implementation is caused by a numerical overflow during the processing of DNS packets with an Answer RR qtype of 16 TXT record and any qclass. Exploiting this vulnerability could allow a remote attack...

7.8CVSS7.2AI score0.01143EPSS
Exploits0References9Affected Software3
osv
osv
added 2024/02/29 1:44 a.m.34 views

UBUNTU-CVE-2024-24150

A memory leak issue discovered in parseSWFTEXTRECORD in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file...

6.5CVSS5.8AI score0.00759EPSS
Exploits1References3
osv
osv
added 2023/05/09 2:15 p.m.0 views

DEBIAN-CVE-2023-31137

MaraDNS is open-source software that implements the Domain Name System DNS. In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination...

7.5CVSS7.2AI score0.01143EPSS
Exploits0References1
susecve
susecve
added 2023/02/15 5:28 a.m.3 views

SUSE CVE-2014-4049

Heap-based buffer overflow in the phpparserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service crash and possibly execute arbitrary code via a crafted DNS TXT record, related to the dnsgetrecord function...

5.1CVSS8.2AI score0.1091EPSS
Exploits0References10
cnvd
cnvd
added 2020/03/25 12:0 a.m.3 views

Videolabs libmicrodns Input Validation Error Vulnerability

Videolabs libmicrodns is a cross-platform mDNS multicast DNS resolver from Videolabs Labs in France. An input validation error vulnerability exists in the TXT record parsing feature of Videolabs libmicrodns 0.1.0. The vulnerability stems from a network system or product that does not properly...

7.5CVSS6.8AI score0.02396EPSS
Exploits1References1
osv
osv
added 2020/03/24 9:15 p.m.4 views

UBUNTU-CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS7.1AI score0.02396EPSS
Exploits1References4
cnvd
cnvd
added 2018/01/26 12:0 a.m.4 views

libming integer overflow vulnerability (CNVD-2018-03001)

libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. An integer overflow vulnerability exists in the 'outputSWFTEXTRECORD' function in the util/outputscript.c file in libming 0.4.8 and earlier...

8.8CVSS7AI score0.02489EPSS
Exploits1References1
Rows per page
Query Builder