Lucene search
+L

443 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-2074

Malware in sbrugna...

5CVSS6.1AI score0.07986EPSS
Exploits0References11
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-12283

Malware in sbrugna...

5.3CVSS6.2AI score0.05356EPSS
Exploits0References15
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16006

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.12301EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-45770

Malicious code in bioql PyPI...

5.5CVSS5.9AI score0.00171EPSS
Exploits0References1
nessus
nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-11104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and...

5.9CVSS6AI score0.02681EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/23 7:4 a.m.8 views

CVE-2024-50861

The ipmoddnskeyform.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks...

6.1CVSS6AI score0.00782EPSS
Exploits3References1
ubuntu
ubuntu
added 2025/05/21 1:47 p.m.7 views

USN-7526-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain DNS messages with invalid TSIG. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.9AI score0.12301EPSS
Exploits1
nvd
nvd
added 2025/05/21 1:16 p.m.11 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS0.12301EPSS
Exploits1References3
osv
osv
added 2025/05/21 1:16 p.m.2 views

DEBIAN-CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS8.1AI score0.12301EPSS
Exploits1References1
osv
osv
added 2025/05/21 1:16 p.m.12 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS7.1AI score0.12301EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/05/21 12:35 p.m.12 views

CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS6.9AI score0.12301EPSS
Exploits1References1
cve
cve
added 2025/05/21 12:35 p.m.183 views

CVE-2025-40775

CVE-2025-40775 affects ISC BIND 9, specifically versions 9.20.0–9.20.8 and 9.21.0–9.21.7. The root cause is an invalid value in the TSIG algorithm field in an incoming DNS message, which causes BIND to abort with an assertion failure. The impact is remote denial of service via crafted TSIGs. A fi...

7.5CVSS7.5AI score0.12301EPSS
Exploits1References3
cvelist
cvelist
added 2025/05/21 12:35 p.m.22 views

CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS0.12301EPSS
Exploits1References1
alpinelinux
alpinelinux
added 2025/05/21 12:35 p.m.22 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS7.6AI score0.12301EPSS
Exploits1
cnnvd
cnnvd
added 2025/05/21 12:0 a.m.5 views

ISC BIND 安全漏洞

ISC BIND is an ISC open source suite of open source software that implements the DNS protocol. A security vulnerability exists in ISC BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7, which stems from an invalid value in the TSIG algorithm field that could lead to an assertion...

7.5CVSS8AI score0.12301EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/05/21 12:0 a.m.4 views

PT-2025-22347 · Isc +3 · Bind 9 +3

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.20.0 through 9.20.8 BIND 9 versions 9.21.0 through 9.21.7 Description: When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorith...

7.5CVSS7.8AI score0.17935EPSS
Exploits1References38
redos
redos
added 2025/05/13 12:0 a.m.17 views

ROS-2-596

2.596 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.7AI score0.82367EPSS
Exploits0
nessus
nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-3142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSI...

5.3CVSS6.8AI score0.05356EPSS
Exploits0References2
osv
osv
added 2025/01/14 10:15 p.m.5 views

CVE-2024-50861

The ipmoddnskeyform.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks...

6.1CVSS5.9AI score0.00782EPSS
Exploits3References3
nvd
nvd
added 2025/01/14 10:15 p.m.11 views

CVE-2024-50861

The ipmoddnskeyform.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks...

6.1CVSS0.00782EPSS
Exploits3References3
Rows per page
Query Builder