Lucene search
+L

18 matches found

SUSE CVE
SUSE CVE
added 2026/05/30 2:6 a.m.13 views

SUSE CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

7.5CVSS5.8AI score0.00779EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/30 2:6 a.m.16 views

SUSE CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

5.9CVSS5.7AI score0.00249EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/05/26 2:24 p.m.14 views

CVE-2026-42960

A flaw was found in Unbound's handling of DNS reply messages, complementing the earlier CVE-2025-11411 fix. Unbound accepts and caches address records from the additional section of DNS replies when they accompany authority section RRSets other than NS such as MX records. A malicious actor who ca...

10CVSS5.6AI score0.00249EPSS
Exploits0References3
NVD
NVD
added 2026/05/20 10:16 a.m.43 views

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS0.00249EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 10:16 a.m.10 views

ALPINE-CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

7.5CVSS5.6AI score0.00779EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 10:16 a.m.3 views

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

7.5CVSS6AI score0.00779EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/20 9:21 a.m.56 views

CVE-2026-42960 Possible cache poisoning via promiscuous records for the authority section

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

7.1CVSS0.00249EPSS
Exploits0References1
CVE
CVE
added 2026/05/20 9:21 a.m.45 views

CVE-2026-42960

Unbound CVE-2026-42960 affects versions up to 1.25.0. The vulnerability arises from poisoning attempts using promiscuous RRSets in the authority section; an attacker could spoof replies or leverage fragmentation to inject non-NS address records in the additional section and have Unbound cache the...

10CVSS5.7AI score0.00249EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:20 a.m.8 views

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References2
CVE
CVE
added 2026/05/20 9:20 a.m.46 views

CVE-2026-42959

CVE-2026-42959 affects NLnet Labs Unbound up to version 1.25.0. The vulnerability lies in the DNSSEC validator: while constructing chase-reply messages, the code uses the wrong counter to calculate write offsets for ADDITIONAL section rrsets. This, combined with DNAME duplication increasing the A...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/20 9:20 a.m.57 views

CVE-2026-42959 Crash during DNSSEC validation of malicious content

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS0.00779EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/20 9:20 a.m.14 views

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/05/20 12:0 a.m.11 views

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.12 views

PT-2026-42133

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions prior to 1.25.1 Description An issue exists where promiscuous RRSets Resource Record Sets that complement DNS replies in the authority section can be used to trick the system into caching unauthorized records. An...

10CVSS5.8AI score0.00842EPSS
Exploits0References59
UbuntuCve
UbuntuCve
added 2026/05/20 12:0 a.m.10 views

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS5.7AI score0.00249EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/12/05 12:0 a.m.5 views

Mageia: Security Advisory (MGASA-2025-0318)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.8AI score0.00311EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-9103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. papmailbox822 does not properly check st from adnsfindlabelnext. Without this, an uninitialised stack value can be...

9.8CVSS8.1AI score0.0205EPSS
Exploits0References2
seebug.org
seebug.org
added 2008/07/29 12:0 a.m.111 views

DNS BailiWicked Host Attack

No description provided by source. /msf3/msfconsole require 'msf/core' require 'net/dns' require 'scruby' require 'resolv' module Msf class Auxiliary::Spoof::Dns::BailiWickedHost Msf::Auxiliary include Exploit::Remote::Ip def initializeinfo = superupdateinfoinfo, 'Name' = 'DNS BailiWicked Host...

7.1AI score0.95182EPSS
Exploits21
Rows per page
Query Builder