Lucene search
K

2022 matches found

CVE
CVE
added yesterday6 views

CVE-2026-50426

CVE-2026-50426 : Windows DNS Server contains a relative path traversal vulnerability that could allow an authorized attacker on an adjacent network to execute code. Root cause is traversal of relative paths in DNS Server handling, enabling remote code execution. Reported impact is arbitrary code ...

6.8CVSS6.2AI score
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-49169 Windows DNS Server Remote Code Execution Vulnerability

...

8CVSS
Exploits0References1
Fedora
Fedora
added 2026/07/04 1:7 a.m.10 views

[SECURITY] Fedora 43 Update: pdns-recursor-5.2.11-1.fc43

PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...

8.2CVSS6.7AI score0.00407EPSS
Exploits0
Fedora
Fedora
added 2026/07/04 12:51 a.m.6 views

[SECURITY] Fedora 44 Update: pdns-recursor-5.4.3-1.fc44

PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...

8.2CVSS6.5AI score0.00583EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.25 views

CVE-2026-36478

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...

0.00386EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.6 views

CVE-2026-36478

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...

7.5CVSS5.8AI score0.00386EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 12:0 a.m.16 views

CVE-2026-36478

Technical details for CVE-2026-36478 are not publicly available in the provided documents. The reports describe a DoS condition in Technitium DNS Server v14.3 and earlier but do not disclose root cause, vulnerable components beyond file names. Monitor for updates.

7.5CVSS5.8AI score0.00386EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52211

Name of the Vulnerable Software and Affected Versions NSD version 4.14.0 Description NSD contains a memory corruption flaw occurring during the serialization of a zone to disk. The issue stems from improper input validation and bounds checking of the address-family length field within Address...

8.8CVSS6.2AI score0.00303EPSS
Exploits0References12
Fedora
Fedora
added 2026/06/15 12:51 a.m.10 views

[SECURITY] Fedora 44 Update: bind9-next-9.21.22-2.fc44

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

9.8CVSS5.3AI score0.01844EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

RHEL 10 : bind (RHSA-2026:24338)

"The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24338 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.10 views

CVE-2026-0264

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

9.2CVSS6.2AI score0.00408EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/29 1:23 a.m.17 views

SUSE CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.01387EPSS
Exploits0References5
OSV
OSV
added 2026/05/28 3:43 p.m.12 views

RLSA-2026:18786 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS6AI score0.1096EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/25 12:51 a.m.13 views

[SECURITY] Fedora 44 Update: bind-9.18.49-1.fc44

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS5.8AI score0.0181EPSS
Exploits1
OSV
OSV
added 2026/05/20 1:16 p.m.2 views

CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

5.9CVSS5.9AI score0.01387EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/20 1:10 p.m.9 views

CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.01387EPSS
Exploits0References3
CVE
CVE
added 2026/05/20 1:9 p.m.110 views

CVE-2026-3039

CVE-2026-3039 affects BIND 9.x when TKEY-based authentication via GSS-API tokens is used; the issue is a memory-exhaustion vulnerability triggered by malicious packets in Active Directory/Kerberos DNS setups. Affected versions span 9.0.0–9.16.50, 9.18.0–9.18.48, 9.20.0–9.20.22, 9.21.0–9.21.21, pl...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References13Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/20 1:9 p.m.14 views

CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References4
OSV
OSV
added 2026/05/20 10:16 a.m.1 views

CVE-2026-42534

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could renew the age of slow running queries and not allow the jostle logic to see them as aged and potentia...

5.3CVSS5.9AI score0.00519EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/19 1:47 p.m.6 views

CVE-2026-45557

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References4
Rows per page
Query Builder