CVE-2026-45186

In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input...

Enhancing Security in Deep Reinforcement Learning: A Comprehensive Survey on Adversarial Attacks and Defenses

With the wide application of deep reinforcement learning DRL techniques in complex fields such as autonomous driving, intelligent manufacturing, and smart healthcare, how to improve its security and robustness in dynamic and changeable environments has become a core issue in current research...

Linux Distros Unpatched Vulnerability : CVE-2016-10396

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The...

ROS-20240826-09

The vulnerability in the Time library of the Ruby interpreter is related to the use of regular expression c inefficient computational complexity. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the URI component of the Ruby...

Amazon Linux 2 : bind (ALAS-2024-2625)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2625 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problem...

Important: bind

Issue Overview: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This...

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the use of a regular expression c with inefficient computational complexity, allowing attackers to trigger service interruptions.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1850)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

EulerOS 2.0 SP11 : bind (EulerOS-SA-2024-1795)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods,...

F5 Networks BIG-IP : BIND vulnerability (K000138990)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2. It is, therefore, affected by a vulnerability as referenced in the K000138990 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not...

ISC BIND DoS Vulnerability (CVE-2023-4408) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

Debian dsa-5621 : bind9 - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5621 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic,...

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

Design/Logic Flaw

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

CVE-2023-4408 Parsing large DNS messages may cause excessive CPU load

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

Ubuntu 22.04 LTS / 23.10 : Bind vulnerabilities (USN-6633-1)

The remote Ubuntu 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6633-1 advisory. Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote...

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

ROS-20230911-10

Vulnerability of EmailValidator and URLValidator components of Django web application software platform is related to the use of regular expression with inefficient computational complexity when processing domain name labels in emails and URLs. domain name labels in emails and URLs. Exploitation ...