TencentOS Server 3: bind9.16 (TSSA-2024:0113)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0113 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2025-5679

A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...

CVE-2025-5679

A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...

CVE-2025-5679 Shenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarker deserialization

A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...

CVE-2025-5679 Shenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarker deserialization

A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...

CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...

Security Bulletin: Vulnerabilities in bind and dnsmasq affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in bind and dnsmasq affect IBM Storage Virtualize products and could denial of service. CVE-2022-2795 CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 CVE-2023-4408 CVE-2023-5517 CVE-5679 CVE-2023-6516 CVE-2023-50387 CVE-2023-50868 . Vulnerability Details CVEID:CVE-2022-2795...

Azure Linux 3.0 Security Update: bind (CVE-2023-5679)

The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5679 advisory. - A bad interaction between DNS64 and serve-stale May cause named to crash with an assertion failure during...

CVE-2024-5679

CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

bind and bind-dyndb-ldap security update

bind 9.16.23-18.0.1.6 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-18.6 - Minor fix of reclimit test backport CVE-2024-1737 32:9.16.23-18.5 - Backport addition of max-records-per-type and max-records-per-type options 32:9.16.23-18.2 - Resolve CVE-2024-1975 -...

Oracle Linux 9 : bind / and / bind-dyndb-ldap (ELSA-2024-5231)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5231 advisory. - Minor fix of reclimit test backport CVE-2024-1737 - Resolve CVE-2024-1975 - Resolve CVE-2024-1737 - Resolve CVE-2024-4076 - Prevent crashing at...

CVE-2024-5679

creationtimestamp| type| source ---|---|--- 2024-07-11 11:37:49+00:00| seen| https://t.me/cvedetector/649 2024-12-10 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-345-02...

CVE-2024-5679

CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

CVE-2024-5679

CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

CVE-2024-5679

CVE-2024-5679 is an Out-of-Bounds Write vulnerability in the Foxboro.sys driver. A local attacker with user access can craft a program/script using an IOCTL to trigger a local denial-of-service or kernel memory leak. Documented impact is local, with high severity (CVSS 3.1: AV:L/AC:L/PR:L/UI:N/S:...

CVE-2024-5679

CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

CBL Mariner 2.0 Security Update: bind (CVE-2023-5679)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5679 advisory. - A bad interaction between DNS64 and serve-stale May cause named to crash with an assertion failure during...

AIX is vulnerable to denial of service due to ISC BIND

IBM SECURITY ADVISORY First Issued: Tue Jun 4 16:06:25 CDT 2024 |Updated: Wed Jun 5 08:17:08 CDT 2024 |Update: Corrected the affected fileset levels to reflect that | bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable. The most recent version of this document is available here:...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1759)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1736)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect domain; is configured, and - t...