CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2025/02/11 7:35 a.m.•5 views

Astra Linux – Vulnerability in bind9

If a server hosts a zone containing a “KEY” Resource Record, or if a resolver validates a “KEY” Resource Record from a DNSSEC-signed domain in its cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

7.5CVSS7.5AI score0.02114EPSS

Tenable Nessus•added 2025/02/10 12:0 a.m.•6 views

EulerOS 2.0 SP11 : dhcp (EulerOS-SA-2025-1152)

According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...

SUSE CVE•added 2025/01/30 4:11 a.m.•1 views

SUSE CVE-2024-11187

It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources...

7.5CVSS8AI score0.14257EPSS

Exploits0References15

AlmaLinux•added 2025/01/30 12:0 a.m.•13 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation CVE-2024-1488 unbound: Unbounded name compression could lead to Denial of Service...

8CVSS6.9AI score0.00806EPSS

Exploits0References6

OSV•added 2025/01/29 10:15 p.m.•5 views

AZL-56105 CVE-2024-12705 affecting package bind for versions less than 9.20.5-1

Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...

7.5CVSS7.1AI score0.15664EPSS

OSV•added 2025/01/29 10:15 p.m.•1 views

ALPINE-CVE-2024-11187

7.5CVSS6.9AI score0.14257EPSS

NVD•added 2025/01/29 10:15 p.m.•8 views

CVE-2024-12705

7.5CVSS0.15664EPSS

Exploits0References2

OSV•added 2025/01/29 10:15 p.m.•1 views

ALPINE-CVE-2024-12705

7.5CVSS7AI score0.15664EPSS

OSV•added 2025/01/29 10:15 p.m.•8 views

CVE-2024-12705

7.5CVSS7.4AI score0.15664EPSS

Exploits0References2

RedhatCVE•added 2025/01/29 9:51 p.m.•12 views

CVE-2024-12705

A flaw was found in BIND 9. By flooding a target resolver with HTTP/2 traffic and exploiting this flaw, an attacker could overwhelm the server, causing high CPU and/or memory usage and preventing other clients from establishing DoH connections. This issue could significantly impair the resolver's...

7.5CVSS7.2AI score0.15664EPSS

Exploits0References4

Cvelist•added 2025/01/29 9:40 p.m.•38 views

CVE-2024-12705 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

7.5CVSS0.15664EPSS

OSV•added 2025/01/29 12:0 a.m.•0 views

UBUNTU-CVE-2024-12705

7.5CVSS7.1AI score0.15664EPSS

OSV•added 2025/01/29 12:0 a.m.•1 views

UBUNTU-CVE-2024-11187

7.5CVSS6.9AI score0.14257EPSS

Tenable Nessus•added 2025/01/14 12:0 a.m.•20 views

EulerOS 2.0 SP9 : dhcp (EulerOS-SA-2025-1053)

Tenable Nessus•added 2025/01/14 12:0 a.m.•14 views

EulerOS 2.0 SP9 : dhcp (EulerOS-SA-2025-1036)

Tenable Nessus•added 2025/01/13 12:0 a.m.•12 views

EulerOS 2.0 SP10 : dhcp (EulerOS-SA-2025-1002)