Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Totd Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34294 1 Totd Project 1 Totd 2022-08-17 N/A 9.8 CRITICAL
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
CVE-2022-34295 1 Totd Project 1 Totd 2022-07-06 4.3 MEDIUM 6.5 MEDIUM
totd before 1.5.3 does not properly randomize mesg IDs.