CentOS 8 : nodejs:18 (CESA-2023:4035)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:4035 advisory. - A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitra...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

OESA-2023-1384 bind security update

The Berkeley Internet Name Domain BIND DNS Domain Name System server Security Fixes: Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database...

WPGraphQL Plugin vulnerable to Server Side Request Forgery (SSRF)

Impact Users with capabilities to upload media editors and above are succeptible to SSRF Server-Side Request Forgery when executing the createMediaItem Mutation. Authenticated users making GraphQL requests that execute the createMediaItem could pass executable paths in the mutations filePath...

Denial Of Service (DoS)

libbind9.so is vulnerable to Denial Of Service. The vulnerability exists if the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes and stale-answer-client-timeout 0, which leads to a sequence of serve-stale-related lookups could cause the named to...

[SECURITY] Fedora 37 Update: bind-9.18.16-1.fc37

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

K000135312: BIND vulnerability CVE-2023-2828

Security Advisory Description Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement i...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2023:2667-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2667-1 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database...

K000135252: BIND vulnerability CVE-2023-2829

Security Advisory Description A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9...

Debian dla-3471 : libc-ares-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3471 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3471-1 [email protected]...

Debian: Security Advisory (DLA-3471-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3471-1] c-ares security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3471-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky June 26, 2023 https://wiki.debian.org/LTS -...

The vulnerability of the DNS BIND server arises from buffer overflows in the stack when BIND operates as a resolver. This allows attackers to cause a service failure.

The vulnerability of the BIND DNS server is related to the overflow of the buffer in the stack when BIND operates as a resolver. This occurs when the number of recursive requests reaches an acceptable maximum, and the server’s settings allow it to return previously cached responses. Exploiting th...

[SECURITY] Fedora 38 Update: bind-9.18.16-1.fc38

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

Fedora 38 : bind / bind-dyndb-ldap (2023-8e1ddb1fa2)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-8e1ddb1fa2 advisory. Update to BIND 9.18.16 Selected parts from upstream release notes. Visit that for details of bug fixes. Security Fixes - The overmem cleaning proces...

Rocky Linux 9 : nodejs:18 (RLSA-2023:3577)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3577 advisory. - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen...

SUSE CVE-2023-2829

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

Oracle Linux 7 : c-ares (ELSA-2023-3741)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3741 advisory. 1.10.0-3.1 - Resolves: rhbz2209503 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-7.9.z Tenable has extracted the preceding description bloc...

CVE-2023-2828

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

DEBIAN-CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...