CVE-2023-28452
https://notcve.org/view.php?id=CVE-2023-28452
There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID. • https://coredns.io https://gist.github.com/idealeer/e41c7fb3b661d4262d0b6f21e12168ba •
CVE-2023-28455
https://notcve.org/view.php?id=CVE-2023-28455
The forwarding mode enables attackers to create a query loop using Technitium resolvers, launching amplification attacks and causing potential DoS. • https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3 https://technitium.com/dns • CWE-406: Insufficient Control of Network Message Volume (Network Amplification) •
CVE-2023-28456
https://notcve.org/view.php?id=CVE-2023-28456
It enables attackers to launch amplification attacks (3 times more than other "golden model" software like BIND) and cause potential DoS. • https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3 https://technitium.com/dns • CWE-406: Insufficient Control of Network Message Volume (Network Amplification) •
CVE-2023-49203
https://notcve.org/view.php?id=CVE-2023-49203
Technitium 11.5.3 allows remote attackers to cause a denial of service (bandwidth amplification) because the DNSBomb manipulation causes accumulation of low-rate DNS queries such that there is a large-sized response in a burst of traffic. • https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3. https://technitium.com/dns • CWE-406: Insufficient Control of Network Message Volume (Network Amplification) •
CVE-2024-34057
https://notcve.org/view.php?id=CVE-2024-34057
The resulting buffer overflow can cause a crash, resulting in a denial of service. • https://trianglemicroworks.com/products/source-code-libraries/iec-61850-scl-pages/what%27s-new https://www.cisa.gov/news-events/ics-advisories/icsa-24-256-16 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •