382 matches found
EulerOS 2.0 SP12 : unbound (EulerOS-SA-2026-1080)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...
Tenda M3 /goform/setInternetLanInfo File Heap Buffer Overflow Vulnerability
Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 heap buffer overflow vulnerability exists, the vulnerability stems from the file / goform / setInternetLanInfo function...
CVE-2021-31882
A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303. The DHCP client application does not validate the length of the Domain Name Server IP options 0x06 when processing DHCP ACK packets. This may lead to...
Tenda M3 安全漏洞
Tenda M3 is an access control controller from Tenda China. A security vulnerability exists in Tenda M3 version 1.0.0.13, which originates from incorrect manipulation of the parameters startip/endip/leasetime/gateway/dns1/dns2 in the file /goform/setDhcpAP, which could result in a stack buffer...
Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2025-1315)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1315 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to...
Medium: unbound
Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...
Medium: unbound
Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...
Medium: unbound
Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...
[SECURITY] [DSA 6071-1] unbound security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6071-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 04, 2025 https://www.debian.org/security/faq -...
Technitium DNS Server 安全漏洞
Technitium DNS Server is an open source authoritative and recursive DNS server from the Technitium team. It can be used to self-host DNS servers for privacy and security. A security vulnerability exists in Technitium DNS Server version 13.2.2 and earlier, which stems from a DNS cache poisoning...
bind: DNS forwarders - cache poisoning vulnerability
A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote high...
FreeBSD Security Advisory - FreeBSD-SA-25:10.unbound
FreeBSD Security Advisory - Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver's knowledge of the zone's name servers. If a malicious...
CLSA-2025-1764084458 bind: Fix of 2 CVEs
CVE-2025-40780: fix randomness sources, drop obsolete PRNG test - CVE-2025-40778: fix NS caching, DNAME/referral handling, restore IPv6 TCP tests...
bind: DNS forwarders - cache poisoning vulnerability
A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote high...
OESA-2025-2687 unbound security update
Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards. To help increase online privacy, Unbound supports DNS-over-TLS which allows clients to encrypt their communication. Unbound is available for most...
Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2025-1256)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1256 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to...
ALSA-2025:19912 Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
bind: Cache poisoning attacks with unsolicited RRs
A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...
Low: unbound
Issue Overview: No CVE associated with this advisory Affected Packages: unbound Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update unbound or yum update...
Low: unbound
Issue Overview: No CVE associated with this advisory Affected Packages: unbound Note: This advisory is applicable to Amazon Linux 2 - Unbound-1.17 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisorie...