Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.3 views

EulerOS 2.0 SP10 : bind (EulerOS-SA-2025-2378)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...

7.5CVSS7AI score0.15344EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-40780

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port...

8.6CVSS6.2AI score0.00454EPSS
Exploits0References2
OSV
OSV
added 2025/02/20 10:2 a.m.12 views

RHSA-2025:1678 Red Hat Security Advisory: bind9.16 security update

Bulletin has no description...

7.5CVSS7.3AI score0.15344EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/08/15 12:0 a.m.20 views

RHEL 8 : bind9.16 (RHSA-2024:5418)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5418 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

7.5CVSS7.9AI score0.02114EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/08/15 12:0 a.m.28 views

RHEL 8 : bind9.16 (RHSA-2024:5390)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5390 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

7.5CVSS7.9AI score0.02114EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2024/08/14 12:0 a.m.26 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.7AI score0.02114EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.60 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Bind vulnerabilities (USN-6909-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-1 advisory. It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue...

7.5CVSS7.7AI score0.0468EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.8 views

PT-2024-15380 · Thales · Thales Safenet Sentinel Hasp Ldk

Name of the Vulnerable Software and Affected Versions: Thales SafeNet Sentinel HASP LDK versions prior to 9.16 Description: A flaw in the installer for Thales SafeNet Sentinel HASP LDK on Windows allows an attacker to escalate their privilege level via local access. Recommendations: For versions...

7.8CVSS7.7AI score0.00433EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.7 views

Thales SafeNet Security Vulnerability

Thales SafeNet is an enterprise authentication, data encryption, and key management solution from Thales USA. A security vulnerability exists in Thales SafeNet Sentinel HASP LDK prior to version 9.16, which stems from a flaw in the installer that allows an attacker to upgrade privileges via local...

7.8CVSS6.6AI score0.00433EPSS
Exploits1References2
Prion
Prion
added 2024/02/13 2:15 p.m.17 views

Design/Logic Flaw

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5CVSS6.9AI score0.00624EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/02/13 2:5 p.m.31 views

CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

7.5CVSS7.2AI score0.01097EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/02/13 12:0 a.m.51 views

CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

7.5CVSS7AI score0.01097EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.43 views

AlmaLinux 8 : bind9.16 (ALSA-2023:5460)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5460 advisory. - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the...

7.5CVSS6.8AI score0.02626EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.6 views

SUSE CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

5.3CVSS9.3AI score0.02617EPSS
Exploits0References7
NVD
NVD
added 2023/01/26 9:15 p.m.33 views

CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS7.6AI score0.13108EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:15 p.m.47 views

CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS7.5AI score0.13108EPSS
Exploits0References1
Prion
Prion
added 2023/01/26 9:15 p.m.90 views

Design/Logic Flaw

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

5CVSS7.5AI score0.13108EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2023/01/25 9:34 p.m.43 views

CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS7.5AI score0.13108EPSS
Exploits0
Cvelist
Cvelist
added 2023/01/25 9:34 p.m.78 views

CVE-2022-3094 An UPDATE message flood may cause named to exhaust all available memory

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS7.8AI score0.13108EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/25 12:0 a.m.4 views

PT-2023-1302 · Isc +9 · Bind 9 +9

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.16.0 through 9.16.36 BIND 9 versions 9.18.0 through 9.18.10 BIND 9 versions 9.19.0 through 9.19.8 BIND 9 versions 9.16.8-S1 through 9.16.36-S1 Description: The issue is related to the allocation of large amounts of memory by...

7.8CVSS7.2AI score0.5017EPSS
Exploits0References71
Rows per page
Query Builder