274 matches found
CVE-2025-40778
A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...
PT-2025-43372
Name of the Vulnerable Software and Affected Versions BIND versions 9.11.0 through 9.16.50 BIND versions 9.18.0 through 9.18.39 BIND versions 9.20.0 through 9.20.13 BIND versions 9.21.0 through 9.21.12 BIND Supported Preview Edition versions 9.11.3-S1 through 9.16.50-S1 BIND Supported Preview...
EUVD-2018-6542
Malware in sbrugna...
EUVD-2010-0321
Malware in sbrugna...
EUVD-2019-16035
Malware in sbrugna...
EUVD-2020-18463
Malware in sbrugna...
EUVD-2017-12280
Malware in sbrugna...
EUVD-2008-1193
Malware in sbrugna...
EUVD-2019-2213
Malware in sbrugna...
EUVD-2018-17514
Malware in sbrugna...
EUVD-2020-4559
Malware in sbrugna...
EUVD-2022-7559
Malicious code in bioql PyPI...
EUVD-2023-34280
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-15090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been...
[SECURITY] Fedora 42 Update: unbound-1.23.1-1.fc42
Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...
TencentOS Server 2: bind, bind-dyndb-ldap, and dhcp (TSSA-2024:0157)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0157 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
TencentOS Server 3: bind and dhcp (TSSA-2024:0227)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0227 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2022-3347
DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. Root DNSSEC public keys are not validated, permitting an attacker to present a self-signed root key and delegation chain...
Linux Distros Unpatched Vulnerability : CVE-2018-5745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - managed-keys is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC...
Hickory DNS failure to verify self-signed RRSIG for DNSKEYs
Summary The DNSSEC validation routines treat entire RRsets of DNSKEY records as trusted once they have established trust in only one of the DNSKEYs. As a result, if a zone includes a DNSKEY with a public key that matches a configured trust anchor, all keys in that zone will be trusted to...