211 matches found
MiracleLinux 8 : bind-9.11.36-8.el8.1 (AXSA:2023-6230:07)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6230:07 advisory. bind: named's configured cache size limit can be significantly exceeded (CVE-2023-2828) Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : bind9.16-9.16.23-0.14.el8.1 (AXSA:2023-6229:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6229:02 advisory. bind: named's configured cache size limit can be significantly exceeded (CVE-2023-2828) Tenable has extracted the preceding description block directly from the...
EUVD-2026-2828
Not used...
CVE-2024-2828
A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side request forgery. I...
Linux Distros Unpatched Vulnerability : CVE-2023-2828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...
CVE-2025-2828
creationtimestamp | type | source
---|---|---
2025-06-24 01:04:25+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lscvoh4hru2a
2025-06-24 13:50:39+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19331...
CVE-2025-2828
A Server-Side Request Forgery (SSRF) flaw was found in the langchain-community package due to a lack of restriction enforcement on specific internet addresses. This flaw allows an attacker to access local services, conduct port scans, retrieve instance metadata, or interact with local network...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)
langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: SNYK:PYTHON-LANGCHAINCOMMUNITY-10496412...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)
langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: OSV:GHSA-H5GC-RM8J-5GPR...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)
langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: OSV:PYSEC-2025-70...
CVE-2025-2828
CVE-2025-2828 describes an SSRF flaw in the RequestsToolkit of langchain-ai/langchain (langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) affecting version 0.0.27. The vulnerability arises from insufficiently restricted requests to remote internet addresses, enabling an attacker ...
CVE-2025-2828 SSRF Vulnerability in RequestsToolkit in langchain-ai/langchain
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...
TencentOS Server 3: bind (TSSA-2023:0207)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0207 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 3: bind9.16 (TSSA-2023:0198)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0198 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: bind (TSSA-2024:0612)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0612 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2023-2828)
Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...
Amazon Linux 2 : glibc (ALAS-2025-2828)
The version of glibc installed on the remote host is prior to 2.26-64. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2828 advisory. When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failur...
CLSA-2024-1735311722 bind: Fix of CVE-2023-2828
Removed the bind-9.11.4-CVE-2023-2828-fixup.patch which caused problems with named-pkcs11...
Fedora: Security Advisory (FEDORA-2023-c0ff5a2f68)
The remote host is missing an update for the...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.441)
The version of AHV installed on the remote host is prior to 20220304.441. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.441 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by...