Lucene search
K

60 matches found

F5 Networks
F5 Networks
added 2023/02/21 5:28 p.m.33 views

K30673534: BIND vulnerability CVE-2015-8461

Security Advisory Description Beginning with the September 2015 maintenance releases 9.9.8 and 9.10.3, an error was introduced into BIND 9 which can cause a server to exit after encountering an INSIST assertion failure in resolver.c. CVE-2015-8461 Impact There is no impact; F5 products are not...

7.1CVSS7.4AI score0.04848EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.8 views

SUSE CVE-2019-6473

An invalid hostname option can trigger an assertion failure in the Kea DHCPv4 server process kea-dhcp4, causing the server process to exit. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2...

6.5CVSS6.4AI score0.00797EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.5 views

SUSE CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

6.5CVSS7.7AI score0.05545EPSS
Exploits0References114
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.9 views

SUSE CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the defect is also present in...

7.4CVSS8.4AI score0.06118EPSS
Exploits1References21
RedhatCVE
RedhatCVE
added 2021/11/24 10:18 p.m.18 views

CVE-2021-32037

An assertion flaw was found in the mongodb server where an aggregation request could trigger an invariant. An authorized user could exploit this flaw by sending a relevant aggregation request to a shard, which could result in a denial of service or server exit. Requests are usually sent via mongo...

6.5CVSS6AI score0.01181EPSS
Exploits0References4
Prion
Prion
added 2021/11/24 4:15 p.m.9 views

Design/Logic Flaw

An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shar...

4CVSS6.3AI score0.01181EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2021/11/24 4:15 p.m.13 views

CVE-2021-32037

An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shar...

6.5CVSS6.6AI score0.01181EPSS
Exploits0References2
OSV
OSV
added 2021/11/24 4:15 p.m.13 views

UBUNTU-CVE-2021-32037

An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shar...

6.5CVSS5.8AI score0.01181EPSS
Exploits0References3
CVE
CVE
added 2021/11/24 10:40 a.m.106 views

CVE-2021-32037

MongoDB Server vulnerability CVE-2021-32037 affects MongoDB Server v5.0 versions prior to and including 5.0.2. An authorized user can trigger an invariant by sending a relevant aggregation request to a shard via mongos, with privileges needed to know shard addresses and to log in to shards in an ...

6.5CVSS6.3AI score0.01181EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/11/24 10:40 a.m.14 views

CVE-2021-32037 User may trigger invariant when allowed to send commands directly to shards

An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shar...

6.5CVSS6.4AI score0.01181EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/24 12:0 a.m.6 views

Mongodb Server 输入验证错误漏洞

MongoDB Server is the United States MongoDB company's set of open source NoSQL database . The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. An input validation error vulnerability exists in Mongodb, which stems from the product's failure...

6.5CVSS6.5AI score0.01181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/12/19 12:0 a.m.58 views

Amazon Linux AMI : bind (ALAS-2020-1457) (deprecated)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1457 advisory. - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supporte...

7.3AI score0.05545EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.44 views

Oracle Linux 8 : bind (ELSA-2020-4500)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4500 advisory. - Fix tsig-request verify CVE-2020-8622 - Prevent PKCS11 daemon crash on crafted packet CVE-2020-8623 - Correct update-policy type subdomain to match...

8.6CVSS6.6AI score0.93422EPSS
Exploits6References5
Mageia
Mageia
added 2020/09/27 8:6 p.m.62 views

Updated pdns packages fix security vulnerability

An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while...

7.5CVSS1.3AI score0.02592EPSS
Exploits0References8
Veracode
Veracode
added 2020/08/31 4:8 a.m.24 views

Denial Of Service (DoS)

BIND is vulnerable to denial of service DoS. An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...

7.5CVSS2.9AI score0.03663EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2020/08/21 9:15 p.m.4 views

ALPINE-CVE-2020-8620

In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...

7.5CVSS6.9AI score0.03663EPSS
Exploits0References1
OSV
OSV
added 2020/08/21 9:15 p.m.3 views

DEBIAN-CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

6.5CVSS6.7AI score0.05545EPSS
Exploits0References1
NVD
NVD
added 2020/08/21 9:15 p.m.15 views

CVE-2020-8620

In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...

7.5CVSS7.4AI score0.03663EPSS
Exploits0References7
OSV
OSV
added 2020/08/21 9:15 p.m.5 views

ALPINE-CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

6.5CVSS6.8AI score0.05545EPSS
Exploits0References1
Prion
Prion
added 2020/08/21 9:15 p.m.30 views

Authentication flaw

In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...

5CVSS7.3AI score0.03663EPSS
Exploits0References7Affected Software3
Rows per page
Query Builder