Lucene search
K

28 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/22 1:55 p.m.4 views

CVE-2026-12725

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply su...

5.9CVSS6.1AI score0.00406EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/19 1:47 p.m.35 views

CVE-2026-45557 Technitium DNS Server excessive DNSSEC requests

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS0.00389EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/19 1:47 p.m.11 views

EUVD-2026-30938

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.10 views

PT-2026-41937

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.8 views

Technitium DNS Server 安全漏洞

Technitium DNS Server is an open-source authoritative and recursive DNS server developed by the Technitium team. It can be used as a self-hosted DNS server to protect privacy and security. Versions of Technitium DNS Server prior to version 15.0 contained security vulnerabilities. These...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:38 a.m.9 views

CVE-1999-0835

Denial of service in BIND named via malformed SIG records...

10CVSS6.9AI score0.01456EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.56 views

RHEL 4 : bind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bind: deleted domain name resolving flaw CVE-2012-1033 - bind: malformed signature records for DNAME...

8.6CVSS7.8AI score0.91284EPSS
Exploits20References8
OSV
OSV
added 2024/02/14 4:15 p.m.4 views

ALPINE-CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.5CVSS6.8AI score0.99995EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.2 views

SUSE CVE-2010-3613

named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service daemon crash via a query for...

4CVSS7.4AI score0.10655EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1910

Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...

5CVSS7.5AI score0.24638EPSS
Exploits1References4
OSV
OSV
added 2023/01/26 9:15 p.m.8 views

AZL-13203 CVE-2022-3736 affecting package bind for versions less than 9.16.37-2

BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and...

7.5CVSS7.3AI score0.5017EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/25 12:0 a.m.2 views

ISC BIND 安全漏洞

ISC BIND is a suite of open source software that implements the DNS protocol from the American company ISC. A security vulnerability exists in BIND versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, and 9.19.0 through 9.19.8, which arises from the fact that when stale caching and stale...

7.5CVSS7.6AI score0.5017EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/12 11:45 a.m.4 views

bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...

7.5CVSS6.8AI score0.93422EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.30 views

AIX 5.3 TL 12 : bind (IV85298) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.49 views

AIX 6.1 TL 9 : bind (IV84456) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.42 views

AIX 7.1 TL 3 : bind (IV85296) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.69 views

AIX 7.1 TL 4 : bind (IV84458) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.64 views

AIX 6.1 TL 9 : bind (IV84984) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/04/06 11:14 a.m.5 views

bind: malformed signature records for DNAME records can trigger assertion failure

A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...

8.6CVSS6.8AI score0.621EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/03/31 5:56 p.m.3 views

bind: malformed signature records for DNAME records can trigger assertion failure

A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...

8.6CVSS6.8AI score0.621EPSS
Exploits0References5
Rows per page
Query Builder