CVE-2025-71058

Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inje...

Lenovo Service Framework Android Remote Code Execution Vulnerability

Lenovo Service Framework Android application is a special application for Lenovo products based on the Android platform from China Lenovo Lenovo Company. A security vulnerability exists in the Lenovo Service Framework Android application, which originates from the program failing to properly...

Information modification vulnerability in multiple Samsung Galaxy devices

The Samsung Galaxy S4 and others are smart mobile devices released by the South Korean company Samsung Samsung. The information modification vulnerability exists in Samsung Galaxy S4 to S7 devices and stems from the program's failure to validate BroadcastReceiver responses. An attacker could...

FreeBSD -- BIND named(8) cache poisoning with DNSSEC validation

Problem Description: If a client requests DNSSEC records with the Checking Disabled CD flag set, BIND may cache the unvalidated responses. These responses may later be returned to another client that has not set the CD flag...