Lucene search
K

1652 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

RHEL 10 : unbound (RHSA-2026:23231)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23231 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash...

10CVSS5.8AI score0.01272EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

RockyLinux 10 : unbound (RLSA-2026:23231)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:23231 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service vi...

10CVSS5.8AI score0.01272EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2026/06/05 12:12 p.m.9 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
RedHat Linux
RedHat Linux
added 2026/06/04 8:54 a.m.12 views

Important: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

10CVSS6AI score0.01272EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/06/02 6:26 p.m.16 views

USN-8282-2: Unbound vulnerabilities

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Andr...

10CVSS6.1AI score0.00779EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/30 2:8 a.m.23 views

SUSE CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

8.6CVSS6.5AI score0.01272EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.17 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.6)

The version of AOS installed on the remote host is prior to 7.5.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.6 advisory. - Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation...

9.8CVSS6.5AI score0.0218EPSS
Exploits1References14
Rockylinux
Rockylinux
added 2026/05/29 6:1 p.m.21 views

dnssec-trigger bug fix update

An update is available for dnssec-trigger. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list dnssec-trigger reconfigures the local Unbound DNS server after each...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.1.9)

The version of AHV installed on the remote host is prior to AHV-10.3.1.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.1.9 advisory. - The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for...

9.8CVSS7.4AI score0.0218EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 3:2 p.m.6 views

SUSE-SU-2026:21874-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.5AI score0.01272EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.18 views

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2026-1756)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1756 advisory. NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep...

10CVSS6.4AI score0.01272EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Amazon Linux 2 : dnsmasq, --advisory ALAS2DNSMASQ-2026-004 (ALASDNSMASQ-2026-004)

The version of dnsmasq installed on the remote host is prior to 2.90-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DNSMASQ-2026-004 advisory. A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial o...

8.8CVSS6.4AI score0.07237EPSS
Exploits4References12
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.11 views

Oracle Linux 8 : dnsmasq (ELSA-2026-20589)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20589 advisory. - Prevent overflow in extractname function CVE-2026-2291 - Prevent DoS in DNSSEC validation CVE-2026-4890 - Prevent out-of-bounds read in DNSSEC...

8.8CVSS5.9AI score0.07237EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Fedora 44 : unbound (2026-49f37e16aa)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-49f37e16aa advisory. Update to 1.25.1 rhbz2480119 - Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation. Thanks to Qifan Zhang, Palo Alto Network...

10CVSS6.1AI score0.01272EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/05/26 2:24 p.m.19 views

CVE-2026-42923

A flaw was found in Unbound's DNSSEC validator where the code path for consulting the negative cache for DS records does not honor the limit on NSEC3 hash calculations introduced in version 1.19.1. An adversary who controls a DNSSEC-signed zone can sign NSEC3 records with high iteration counts fo...

6.9CVSS5.7AI score0.00339EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/26 5:9 a.m.15 views

dnsmasq: RRSIG rdlen underflow leading to heap OOB read

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixe...

7.5CVSS5.8AI score0.06226EPSS
Exploits0References5
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Important: dnsmasq

Issue Overview: A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. CVE-2026-4890 A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause...

8.4CVSS6.3AI score0.07237EPSS
Exploits4
Oracle linux
Oracle linux
added 2026/05/26 12:0 a.m.39 views

dnsmasq security update

2.79-36 - Prevent overflow in extractname function CVE-2026-2291 - Prevent DoS in DNSSEC validation CVE-2026-4890 - Prevent out-of-bounds read in DNSSEC validation CVE-2026-4891 - Prevent out-of-bounds write in DHCPv6 server CVE-2026-4892 - Prevent source check avoidance by RFC 7871 client-subnet...

8.4CVSS5.9AI score0.07237EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.13 views

TencentOS Server 3: bind9.16 (TSSA-2026:0359)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0359 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References2
OSV
OSV
added 2026/05/22 1:4 p.m.10 views

CLSA-2026-1779455055 dnsmasq: Fix of 5 CVEs

CVE-2026-2291: heap OOB write via undersized union bigname buffer - CVE-2026-4890: dnssec NSEC bitmap parsing infinite loop - CVE-2026-4891: dnssec missing rdlen validation in RRSIG records - CVE-2026-4892: helper buffer overflow with large DHCPv6 CLIDs - CVE-2026-4893: broken client subnet...

8.8CVSS6AI score0.07237EPSS
Exploits3References1
Rows per page
Query Builder