Lucene search
+L

29 matches found

redhat
redhat
added 2026/06/08 8:53 a.m.18 views

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.5AI score0.00779EPSS
Exploits0References4
osv
osv
added 2026/05/20 10:16 a.m.2 views

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

7.5CVSS6AI score0.00779EPSS
Exploits0References8
nvd
nvd
added 2026/05/20 10:16 a.m.20 views

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS0.00779EPSS
Exploits0References8
attackerkb
attackerkb
added 2026/05/20 9:20 a.m.8 views

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References2
githubexploit
githubexploit
added 2025/10/29 4:5 p.m.417 views

Exploit for CVE-2025-40778

CVE-2025-40778 Proof of Concept Educational demonstration of...

8.6CVSS6.9AI score0.00509EPSS
Exploits1
osv
osv
added 2025/05/23 2:0 p.m.2 views

OESA-2025-1558 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS6.9AI score0.15465EPSS
Exploits0References2
osv
osv
added 2025/02/28 3:34 p.m.5 views

OESA-2025-1215 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS6.9AI score0.15465EPSS
Exploits0References2
osv
osv
added 2025/02/21 1:37 p.m.2 views

OESA-2025-1172 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS6.9AI score0.15465EPSS
Exploits0References2
redhat
redhat
added 2025/02/20 9:42 a.m.6 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 6:37 p.m.3 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 2:48 p.m.23 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 2:24 p.m.16 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 1:50 p.m.5 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 1:31 p.m.8 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 1:31 p.m.13 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 8:42 a.m.4 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 7:7 a.m.4 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 6:56 a.m.4 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 4:53 a.m.5 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 4:45 a.m.5 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15465EPSS
Exploits0References5
Rows per page
Query Builder