28 matches found
EUVD-2011-4649
Malware in sbrugna...
EUVD-2011-4771
Malware in sbrugna...
EUVD-2023-57830
Malicious code in bioql PyPI...
CVE-2011-4731
The Server Administration Panel in Parallels Plesk Panel 10.2.0build1011110331.18 includes an RFC 1918 IP address within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by admin/home/admin and certain other files...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Oracle Linux 8 : bind9.16 (ELSA-2024-1781)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1781 advisory. - Prevent crashing at masterformat system test CVE-2023-6516 - Prevent increased CPU load on large DNS messages CVE-2023-4408 - Prevent assertion failu...
bind security update
bind 32:9.16.23-14.4 - Rebuild with correct z-stream tag again 32:9.16.23-14.3 - Rebuild together with bind-dyndb-ldap to adjust ABI changes 32:9.16.23-14.2 - Import tests for large DNS messages fix - Add downstream change complementing CVE-2023-50387 32:9.16.23-14.1 - Prevent increased CPU load ...
K000138989: BIND vulnerability CVE-2023-5517
Security Advisory Description A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. Th...
OESA-2024-1323 bind security update
Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: The DNS...
Moby's external DNS requests from 'internal' networks could lead to data exfiltration
Moby is an open source container framework originally developed by Docker Inc. as Docker. It is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. As a batteries-included container runtime, Moby comes with a built-in networking implementati...
Assertion Failure
bind9 is vulnerable to Assertion Failure. The vulnerability is due to assertion failure when the resolver receives a PTR Pointer Record query for an RFC 1918 address a private IP address as defined by the Internet Assigned Numbers Authority in nxdomain-redirect ; configuration. which leads to a...
Updated bind packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Parsing large DNS messages may cause excessive CPU load. CVE-2023-4408 Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled. CVE-2023-5517 Enabling both DNS64 and serve-stale may cause an assertion...
CVE-2023-5517
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
Design/Logic Flaw
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
CVE-2023-5517 Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
CVE-2023-5517
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
CVE-2023-5517
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
ISC BIND 9.12.0 < 9.16.48 / 9.16.8-S1 < 9.16.48-S1 / 9.18.0 < 9.18.24 / 9.18.11-S1 < 9.18.24-S1 / 9.19.0 < 9.19.21 Assertion Failure (cve-2023-5517)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is...
Mozilla Firefox Resource Management Error Vulnerability (CNVD-2021-07320)
Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. The FireFox product suffers from a resource management error vulnerability that...
Kubernetes: Private IP addresses Disclosure
The following URL leaks the Private IP Addresses:- kubernetes.io/feed.xml The following Server’s Cluster RFC 1918 IP addresses were disclosed in the response: • 10.1.2.3 • 10.104.207.136 • 10.224.0.0 • 10.250.0.0 • 10.250.112.0 • 10.250.96.0 • 10.55.252.216 • 10.96.0.0 • 10.96.0.1 • 10.96.15.180 ...