Lucene search
K

196 matches found

Debian
Debian
added 2026/04/13 8:1 a.m.8 views

[SECURITY] [DLA 4529-1] bind9 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4529-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès April 13, 2026 https://wiki.debian.org/LTS -...

7.5CVSS5.7AI score0.01545EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/04/13 12:0 a.m.10 views

Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.3 views

Study of Post Quantum Status of Widely Used Protocols

The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key exchange and authentication, there is an urgent need to...

6AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/29 8:1 a.m.6 views

Memory leak in code preparing DNSSEC proofs of non-existence

...

7.5CVSS5.8AI score0.00698EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/26 5:10 p.m.10 views

SUSE CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/03/25 4:22 p.m.5 views

CVE-2026-1519

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users. Mitigation To mitigate...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : dnsmasq-2.79-31.el8_9.2 (AXSA:2024-7620:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7620:02 advisory. dnsmasq: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 dnsmasq: bind9: Preparing an NSEC3 closest encloser proof can...

7.5CVSS7.8AI score0.99995EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.6 views

MiracleLinux 8 : dnsmasq-2.79-13.el8.1 (AXSA:2021-1363:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1363:03 advisory. dnsmasq: heap-based buffer overflow in sortrrset when DNSSEC is enabled CVE-2020-25681 dnsmasq: buffer overflow in extractname due to missing length...

8.3CVSS7.2AI score0.86692EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.7 views

MiracleLinux 3 : bind-9.3.6-4.P1.2.1.AXS3 (AXSA:2010-77:01)

"The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-77:01 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves hos...

4.3CVSS7.3AI score0.09363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 3 : bind-9.3.6-4.P1.1.1AXS3 (AXSA:2009-425:4)

"The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-425:4 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names t...

2.6CVSS6.7AI score0.07952EPSS
Exploits1References2
Fedora
Fedora
added 2025/11/29 4:49 p.m.11 views

[SECURITY] Fedora 43 Update: unbound-1.24.2-1.fc43

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

7.1CVSS6.3AI score0.00311EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/11/14 3:56 p.m.6 views

Security update for bind

This update for bind fixes the following issues: CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found bsc1252378. CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch...

9.2CVSS7AI score0.1096EPSS
Exploits1References12
SUSE Linux
SUSE Linux
added 2025/10/31 5:8 p.m.9 views

Security update for bind

This update for bind fixes the following issues: Upgrade to release 9.20.15: CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found bsc1252378. CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number...

9.2CVSS7AI score0.1096EPSS
Exploits1References12
OSV
OSV
added 2025/10/31 2:13 p.m.6 views

OESA-2025-2609 bind security update

Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: Certain...

7.5CVSS6.7AI score0.99995EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/10/29 12:0 a.m.5 views

Siemens SIMATIC Devices Channel Accessible by Non-Endpoint (CVE-2023-7008)

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records. This plugin only works with Tenable.ot. Please visit...

5.9CVSS6.7AI score0.00849EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/09/03 11:56 p.m.10 views

DNSSEC validation may accept broken authentication chains

...

7.1CVSS7AI score0.0026EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-25687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the...

7.1CVSS7.4AI score0.86692EPSS
Exploits0References2
OSV
OSV
added 2025/08/26 5:52 p.m.8 views

CLSA-2025-1756230743 unbound: Fix of CVE-2023-50868

CVE-2023-50868: avoid availabiluty of the remote attackers to cause a denial of service using DNSSEC...

7.5CVSS7AI score0.81729EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-7883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secu...

3.7CVSS6AI score0.00478EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.6 views

Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

...

5.9CVSS7AI score0.00849EPSS
Exploits0
Rows per page
Query Builder