Lucene search
K

1655 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

RHEL 8 : bind (RHSA-2026:16064)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16064 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.10 views

PT-2026-39699

Name of the Vulnerable Software and Affected Versions dnsmasq affected versions not specified Description A heap-based out-of-bounds read in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service by sending a crafted DNS packet. A heap-based out-of-bounds read occur...

8.8CVSS5.8AI score0.07237EPSS
Exploits3References91
Github Security Blog
Github Security Blog
added 2026/05/07 2:59 a.m.20 views

hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

The NSEC3 closest-encloser proof validation in hickory-proto's 0.25.0-alpha.3 ... 0.25.2 and hickory-net's 0.26.0-alpha.1 .. 0.26.0 DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of th...

5.8AI score
Exploits0References4Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/01 10:52 p.m.15 views

Security Bulletin: IBM i is affected by BIND being too lenient accepting records with forged data and consuming excessive CPU when a resolver is performing DNSSEC validation [CVE-2025-40778, CVE-2026-1519].

Summary Domain Name System for IBM i is vulnerable to BIND being too lenient when accepting records from answers allowing an attack to inject forged data into cache CVE-2025-40778, and consuming excessive CPU when a resolver is performing DNSSEC validation and encounters a maliciously crafted zon...

8.6CVSS6.7AI score0.01545EPSS
Exploits1Affected Software5
OSV
OSV
added 2026/05/01 12:0 p.m.6 views

RUSTSEC-2026-0120 NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

The NSEC3 closest-encloser proof validation in hickory-net's DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the SOA...

5.8AI score
Exploits0References3
RustSec
RustSec
added 2026/05/01 12:0 p.m.6 views

NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

The NSEC3 closest-encloser proof validation in hickory-proto's DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the S...

5.8AI score
Exploits0Affected Software1
OSV
OSV
added 2026/04/29 8:57 a.m.8 views

CLSA-2026-1777453021 bind: Fix of CVE-2026-1519

CVE-2026-1519: limit NSEC3 iteration count when proving an insecure delegation so a maliciously crafted DNSSEC zone with a high-iteration NSEC3 record cannot exhaust resolver CPU; treat the answer as insecure above the 150-iteration limit. Backport of bind-9.11.36-16.el810.7 RHSA-2026:8352...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References1
OSV
OSV
added 2026/04/29 8:51 a.m.6 views

CLSA-2026-1777452704 bind: Fix of CVE-2026-1519

CVE-2026-1519: limit NSEC3 iteration count when proving an insecure delegation so a maliciously crafted DNSSEC zone with a high-iteration NSEC3 record cannot exhaust resolver CPU; treat the answer as insecure above the 150-iteration limit. Backport of bind-9.11.36-16.el810.7 RHSA-2026:8352...

7.5CVSS6AI score0.01545EPSS
Exploits0References1
OSV
OSV
added 2026/04/25 5:49 a.m.5 views

OESA-2026-2060 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS5.4AI score0.01545EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 5:49 a.m.4 views

OESA-2026-2059 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS8.7AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.5 views

Debian dla-4529 : bind9 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4529 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4529-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS5.7AI score0.01545EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/19 12:0 a.m.5 views

MiracleLinux 9 : bind9.18-9.18.29-5.el9_7.4 (AXSA:2026-454:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-454:01 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from...

7.5CVSS7.6AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/19 12:0 a.m.5 views

MiracleLinux 8 : bind9.16-9.16.23-0.22.el8_10.5 (AXSA:2026-453:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-453:01 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/04/18 12:0 p.m.6 views

bind security update

An update is available for bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...

7.5CVSS7.5AI score0.01545EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.8 views

MiracleLinux 8 : bind-9.11.36-16.el8_10.7 (AXSA:2026-451:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-451:02 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.6 views

RHEL 10 : bind (RHSA-2026:8312)

"The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8312 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

7.5CVSS5.9AI score0.01545EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.8 views

RockyLinux 10 : bind (RLSA-2026:8312)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:8312 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.12 views

AlmaLinux 8 : bind (ALSA-2026:8352)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:8352 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.9AI score0.01545EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.10 views

Oracle Linux 8 : bind (ELSA-2026-8352)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8352 advisory. 32:9.11.36-16.7 - Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly...

7.5CVSS5.9AI score0.01545EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/15 2:2 p.m.13 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References2
Rows per page
Query Builder