Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2026/06/16 2:20 a.m.9 views

SUSE CVE-2026-47691

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name...

8.7CVSS5.3AI score0.00292EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/15 8:35 a.m.12 views

CVE-2026-47691

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

10CVSS4.9AI score0.00292EPSS
Exploits0References6
NVD
NVD
added 2026/06/12 4:16 p.m.27 views

CVE-2026-47691

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name...

10CVSS0.00292EPSS
Exploits0References10
OSV
OSV
added 2026/06/12 4:16 p.m.5 views

UBUNTU-CVE-2026-47691

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name...

10CVSS5.4AI score0.00292EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/12 2:33 p.m.10 views

CVE-2026-47691 Netty has Insufficient Bailiwick Validation for NS Records

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name...

8.7CVSS5.3AI score0.00292EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 11:2 p.m.15 views

GHSA-5PVG-856G-CP85 Netty has Insufficient Bailiwick Validation for NS Records

Summary Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name server for a subdomain can poison the cache for parent domains like .co.uk. Details In...

8.7CVSS5.5AI score0.00292EPSS
Exploits0References12
Fedora
Fedora
added 2026/05/06 4:47 p.m.9 views

[SECURITY] Fedora 43 Update: pdns-5.0.4-1.fc43

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only name server. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

7.5CVSS5.8AI score0.00423EPSS
Exploits0
Fedora
Fedora
added 2026/05/06 4:24 p.m.11 views

[SECURITY] Fedora 42 Update: pdns-5.0.4-1.fc42

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only name server. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

7.5CVSS5.8AI score0.00423EPSS
Exploits0
Citrix
Citrix
added 2023/05/10 12:0 a.m.9 views

DNS Resolution fails due to Negative Caching

Steps to reproduce this issue: 1. Administrator added an authoritative name server A on Netscaler to resolveStoreFront LB's VIP. 2. Becasue name server A didn't have address record for Storefront LB fqdn, so DNS resolution failed. 3. Then administrator changed to another authoritative name...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.37 views

EulerOS Virtualization for ARM 64 3.0.2.0 : unbound (EulerOS-SA-2020-1971)

According to the versions of the unbound package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in unbound in versions prior to 1.10.1. An infinite loop can be created when malformed DNS answers ar...

7.5CVSS6.5AI score0.03588EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/06/08 10:18 a.m.6 views

unbound: amplification of an incoming query into a large number of queries directed to a target

A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive...

7.5CVSS7.2AI score0.03171EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/06/08 8:33 a.m.3 views

unbound: amplification of an incoming query into a large number of queries directed to a target

A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive...

7.5CVSS7.2AI score0.03171EPSS
Exploits0References6
Mageia
Mageia
added 2020/05/24 6:4 p.m.51 views

Updated pdns-recursor packages fix security vulnerabilities

Updated pdns-recursor packages fix security vulnerabilities: An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the...

7.5CVSS4.1AI score0.04372EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/05/19 5:55 p.m.37 views

CVE-2020-12662

A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive...

5CVSS5.9AI score0.03171EPSS
Exploits0References5
OSV
OSV
added 2019/01/16 8:29 p.m.5 views

ALPINE-CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

5.9CVSS6.9AI score0.18157EPSS
Exploits1References1
Rows per page
Query Builder