Lucene search
+L

382 matches found

EUVD
EUVD
added 2026/04/07 3:16 p.m.5 views

EUVD-2026-19684

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the upstream DNS servers configuration parameter dns.upstreams. This vulnerability allows a...

8.8CVSS6.2AI score0.00859EPSS
Exploits2References1
Fedora
Fedora
added 2026/04/03 12:51 a.m.7 views

[SECURITY] Fedora 43 Update: bind9-next-9.21.20-1.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS7.3AI score0.01545EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. Vulnerabilities exist in versions 9.20.0 to 9.20.20, 9.21.0 to 9.21.19, and 9.20.9-S1 to 9.20.20-S1 of ISC BIND 9. These vulnerabilities could lead to crashes when processing queries with correctly signed TKEY records...

6.5CVSS7.5AI score0.00576EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/25 12:0 a.m.4 views

CVE-2026-3119

Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature TSIG from a key declared in the named configuration. This issue affects BIND 9 versions 9.20....

6.5CVSS7.4AI score0.00576EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/03/18 5:51 p.m.8 views

USN-8108-1: Bouncy Castle vulnerabilities

It was discovered that Bouncy Castle did not sanitize user input when inserting it into an LDAP search filter. An attacker could possibly use this issue to perform an LDAP injection attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS...

7.5CVSS6.7AI score0.011EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.6 views

EulerOS Virtualization 2.13.0 : unbound (EulerOS-SA-2026-1632)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...

7.1CVSS6.8AI score0.00311EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

EulerOS Virtualization 2.13.1 : unbound (EulerOS-SA-2026-1642)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...

7.1CVSS6.8AI score0.00311EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/17 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1595)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.8AI score0.00311EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.11 views

EulerOS Virtualization 2.12.0 : dhcp (EulerOS-SA-2026-1479)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into...

8.6CVSS5.9AI score0.00509EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.10 views

EUVD-2026-12226

arduino-TuyaOpen before version 1.2.1 contains a heap-based buffer overflow vulnerability in the DnsServer component. An attacker on the same local area network who controls the LAN DNS server can send malicious DNS responses to overflow the heap buffer, potentially allowing execution of arbitrar...

8.8CVSS6.4AI score0.00396EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.14 views

PT-2026-20831

Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the openvpn users endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with script payloads in the username, remotenets,...

6.1CVSS5.6AI score0.0033EPSS
Exploits1References4
Malwarebytes
Malwarebytes
added 2026/02/16 1:9 p.m.11 views

ClickFix added nslookup commands to its arsenal for downloading RATs

ClickFix malware campaigns are all about tricking the victim into infecting their own machine. Apparently, the criminals behind these campaigns have figured out that mshta and Powershell commands are increasingly being blocked by security software, so they have developed a new method using...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.5 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.7)

The version of AHV installed on the remote host is prior to 10.0.1.7 / AHV-10.0.1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.7 advisory. - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf...

8.8CVSS6.5AI score0.01279EPSS
Exploits2References5
Fedora
Fedora
added 2026/02/07 1:9 a.m.9 views

[SECURITY] Fedora 42 Update: bind-9.18.44-1.fc42

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS5.6AI score0.08219EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/06 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: dhcp (UTSA-2026-005266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005266 advisory. Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects...

8.6CVSS6.5AI score0.00509EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2026/02/03 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1228)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.4AI score0.00311EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.4 views

EulerOS 2.0 SP13 : unbound (EulerOS-SA-2026-1216)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...

7.1CVSS6.8AI score0.00311EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/21 2:43 p.m.3 views

EUVD-2026-3599

Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1...

7.5CVSS5.4AI score0.08219EPSS
Exploits0References6
F5 Networks
F5 Networks
added 2026/01/16 9:36 a.m.11 views

K000159594: NLnet Labs Unbound vulnerability CVE-2025-11411

Security Advisory Description NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the...

7.1CVSS6.7AI score0.00311EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : bind-9.8.2-0.37.5.0.2.rc1.AXS4 (AXSA:2016-051:01)

"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-051:01 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names ...

6.8CVSS6.8AI score0.5469EPSS
Exploits0References2
Rows per page
Query Builder