Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization in the process that forwards DoQ queries to UDP upstreams, where the DNS transaction ID txid is not preserved and is always set to 0, reducing entropy in the backend tuple. An attacker can increase the likelihoo...

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization in the process that forwards DoQ queries to UDP upstreams, where the DNS transaction ID txid is not preserved and is always set to 0, reducing entropy in the backend tuple. An attacker can increase the likelihoo...

AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle

This report covers the client-triggered DoQ forwarding path in: - dnsproxy v0.81.2 adguard/dnsproxy:v0.81.2 - AdGuard Home v0.107.74 adguard/adguardhome:latest, image version label v0.107.74 The issue was reproduced on 2026-04-25 with the products configured through their documented DoQ listener...

EUVD-2021-0929

Malware in sbrugna...

SUSE CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

CVE-2022-33988

CVE-2022-33988 affects dproxy-nexgen (DNS proxy). The issue is the reuse of the DNS TXID from client queries, enabling an attacker who can send queries to the resolver to perform DNS cache poisoning. Exploitation status is not detailed in the provided documents; no concrete patch/version remediat...

PT-2022-21950 · Unknown · Dproxy-Nexgen

Name of the Vulnerable Software and Affected Versions: dproxy-nexgen affected versions not specified Description: The issue allows attackers to conduct DNS cache-poisoning attacks because the DNS transaction id TXID value from client queries is re-used. This enables attackers, who can send querie...

GHSA-GV9J-4W24-Q7VX Improper random number generation in github.com/coredns/coredns

Impact CoreDNS before 1.6.6 using go DNS package 1.1.25 improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries. Patches The problem has been fixed in 1.6.6+. References - CVE-2019-19794 For more information Please consult our...

miekg/dns insecurely generates random numbers

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

DEBIAN-CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

Design/Logic Flaw

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

UBUNTU-CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

Replay Attack

github.com/hyperledger/fabric is vulnerable to replay attacks. The library does not verify that the TxID of a transaction is unique, allowing a malicious user to possibly overwrite a currently existing transactionID...

Nintendo 3DS DNS Client Resolver Predictable TXID

Nintendo: 3DS DNS Client Resolver Library Uses Predictable TXID I bought a New Nintendo 3DS XL US with firmware 11.2.0-35U, and I've noticed that that DNS client resolved on the 3DS uses a simple incrementing TXID for lookups. This does not provide enough entropy to prevent remote attackers from...

Nintendo: 3DS DNS Client Resolver Library Uses Predictable TXID

I bought a New Nintendo 3DS XL US with firmware 11.2.0-35U, and I've noticed that that DNS client resolved on the 3DS uses a simple incrementing TXID for lookups. This does not provide enough entropy to prevent remote attackers from spoofing responses. For example, see MS08-020 when this happened...

Nintendo 3DS DNS Client Resolver Predictable TXID Vulnerability

The Nintendo 3DS DNS client resolver library uses a predictable incremented TXID allowing for the spoofing of responses. Nintendo: 3DS DNS Client Resolver Library Uses Predictable TXID I bought a New Nintendo 3DS XL US with firmware 11.2.0-35U, and I've noticed that that DNS client resolved on th...

Nmap NSE 6.01: dns-random-txid

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE net: dns-random-txid

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...