This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.
Incomplete validation of the SOA record present in a catalog zone might lead to a crash.
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient inpu...
ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;
Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage.
A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to inject mal...
Our payment integration with Mollie did not properly validate payment status responses. An attacker could use a successful payment status respons...
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice...
Remote Keyless Entry System (RKES), using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a rol...
Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page fo...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
