Lucene search
+L

62 matches found

NVD
NVD
added 2026/06/30 5:16 p.m.10 views

CVE-2026-10652

Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dnsunpackanswer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...

7.4CVSS0.00252EPSS
Exploits1References2
CVE
CVE
added 2026/06/30 3:50 p.m.15 views

CVE-2026-10652

Zephyr’s DNS resolver (subsys/net/lib/dns) is vulnerable to an out-of-bounds read in TXT/SRV records due to unvalidated rdlength in dns_unpack_answer(). The resolver accepts attacker-declared rdlength that may extend past the datagram end, and dns_validate_record() copies up to rdlength bytes fro...

7.4CVSS5.8AI score0.00252EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/12/26 12:0 a.m.36 views

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

0.00962EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-27227

Malware in sbrugna...

7.5CVSS8.5AI score0.02396EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/02/05 2:38 p.m.9 views

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS6.5AI score0.02396EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2024/01/22 4:35 p.m.62 views

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. "Access to projects can be hijacked through domain name purchases and since most default build configurations a...

7.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.3 views

PT-2023-8932 · Maradns +2 · Maradns +2

Name of the Vulnerable Software and Affected Versions: MaraDNS versions 3.5.0024 and prior Description: MaraDNS is open-source software that implements the Domain Name System DNS. A remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to...

7.8CVSS7.3AI score0.01143EPSS
Exploits0References27
Kitploit
Kitploit
added 2021/07/18 12:30 p.m.78 views

DNSStager - Hide Your Payload In DNS

DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting...

7.6AI score
Exploits0References3
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.487 views

dnsrecon 0.10.0 - CSV Injection

Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/08 12:0 a.m.58 views

dnsrecon 0.10.0 - CSV Injection Vulnerability

Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with entries such as...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/08 12:0 a.m.397 views

dnsrecon 0.10.0 CSV Injection

Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...

7.4AI score
Exploits0
Veracode
Veracode
added 2020/08/06 9:40 p.m.24 views

Denial Of Service (DoS)

libmicrodns is vulnerable to denial of service. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send a malicious mDNS message to exploit the vulnerability...

7.5CVSS5.8AI score0.02396EPSS
Exploits1References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/05/08 12:0 a.m.60 views

VLC < 3.0.9 Multiple Vulnerabilities

The version of VLC media player installed on the remote Windows host is prior to 3.0.9. It is, therefore, affected by multiple vulnerabilities: - An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing...

9.8CVSS7.5AI score0.03636EPSS
Exploits7References8
OSV
OSV
added 2020/03/24 9:15 p.m.33 views

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS6.5AI score
Exploits0References3
OSV
OSV
added 2020/03/24 9:15 p.m.1 views

DEBIAN-CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS8.1AI score0.02396EPSS
Exploits1References1
NVD
NVD
added 2020/03/24 9:15 p.m.29 views

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS8.3AI score0.02396EPSS
Exploits1References3
Prion
Prion
added 2020/03/24 9:15 p.m.20 views

Integer overflow

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

5CVSS7.6AI score0.02396EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2020/03/24 9:15 p.m.26 views

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS7.1AI score0.02396EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2020/03/24 8:43 p.m.17 views

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS8.4AI score0.02396EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2020/03/24 8:43 p.m.40 views

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

7.5CVSS7.6AI score0.02396EPSS
Exploits1
Rows per page
Query Builder