7028 matches found
Denial Of Service (DoS)
unbound is vulnerable to denial of service DoS. The vulnerability exists through an assertion failure through a compressed name in dnamepktcopy...
Denial Of Service (DoS)
unbound is vulnerable to denial of service. The vulnerability exists due to an assertion failure. in synthcname. An attacker is able to crash the system by sending invalid packets to the server...
keycloak: Backchannel logout not working when Principal Type is set to Attribute Name for external SAML IDP
A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute Name...
PT-2021-18151 · Envoy · Envoy
Name of the Vulnerable Software and Affected Versions: Envoy version 1.14.0 Description: An issue was discovered that allows for a remotely exploitable crash for HTTP2 Metadata. This occurs because an empty METADATA map triggers a Reachable Assertion. Recommendations: For Envoy version 1.14.0, at...
bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...
bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...
CentOS 8 : unbound (CESA-2021:1853)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1853 advisory. - unbound: integer overflow in the regional allocator via regionalalloc CVE-2019-25032 - unbound: integer overflow in sldnsstr2wirednamebuforigin can...
RHEL 8 : unbound (RHSA-2021:1853)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1853 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: integer overflow in the...
RHEL 8 : bind (RHSA-2021:2028)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2028 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
RHEL 8 : bind (RHSA-2021:2024)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2024 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:1762)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1762 advisory. - libvirt: double free in qemuAgentGetInterfaces in qemuagent.c CVE-2020-25637 - QEMU: heap buffer overflow in iscsiaioioctlcb in block/iscsi.c may lea...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:1762)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1762 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
CVE-2020-20214
Mikrotik RouterOs 6.44.6 long-term tree suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...
CVE-2020-20214
Mikrotik RouterOs 6.44.6 long-term tree suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...
Spoofing
Mikrotik RouterOs 6.44.6 long-term tree suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...
bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...
CVE-2020-20214
MikroTik RouterOS 6.44.6 (long-term) is affected by an assertion-failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service by sending a crafted packet. The CVE-2020-20214 entry is supported by multiple sources in the connected documents, which desc...
CVE-2020-20214
Mikrotik RouterOs 6.44.6 long-term tree suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...
Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
bind security update
An update is available for bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...