Lucene search
+L

552 matches found

CNNVD
CNNVD
added 2026/04/22 12:0 a.m.15 views

PowerDNS Authoritative 资源管理错误漏洞

PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a resource management vulnerability that can lead to a denial-of-service attack. This vulnerability occurs when the PowerDNS auxiliary servers forward DNS update requests to malicious...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.11 views

PowerDNS Authoritative Server 输入验证错误漏洞

The PowerDNS Authoritative Server is a DNS server developed by the Dutch company PowerDNS. There is a vulnerability in input validation of the PowerDNS Authoritative Server. This vulnerability arises from operations conducted by administrators who are allowed to use the REST API. Such actions may...

6.5CVSS5.8AI score0.00423EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.11 views

MaraDNS 安全漏洞

MaraDNS is an open-source domain name system developed by Sam Trenholme. It can be used as a cache, recursive, or authoritative name server. Version 3.5.0036 of MaraDNS contains a security vulnerability; this vulnerability arises from domains that cannot resolve the address of authoritative name...

7.5CVSS5.8AI score0.00375EPSS
Exploits0References2
Fedora
Fedora
added 2026/04/13 12:50 a.m.8 views

[SECURITY] Fedora 42 Update: pdns-recursor-5.2.8-1.fc42

PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...

7.5CVSS5.8AI score0.00504EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/07 11:30 p.m.2 views

bind: bind: Denial of Service via corrupt or malicious record

A flaw was found in bind. A remote attacker can send a specially crafted request that results in a corrupt or malicious record, causing the 'named' service to crash. This vulnerability leads to a Denial of Service DoS for authoritative servers and resolvers...

7.5CVSS6.1AI score0.08219EPSS
Exploits0References4
Hacker One
Hacker One
added 2026/03/26 6:56 p.m.18 views

curl: HTTP/2 server push accepts a non-authoritative :scheme=https over cleartext h2c, enabling HTTPS cache-key poisoning

Summary: I found that libcurl 8.19.0 accepts an HTTP/2 pushed stream on a cleartext h2c connection even when the server sends :scheme=https in PUSHPROMISE. In lib/http2.c, settransferurl builds the pushed handle URL from the server-supplied :scheme, :authority, and :path, but PUSHPROMISE validati...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/25 4:22 p.m.7 views

CVE-2026-1519

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users. Mitigation To mitigate...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References7
OSV
OSV
added 2026/03/25 2:16 p.m.3 views

CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS7.3AI score0.01545EPSS
Exploits0References28
OSV
OSV
added 2026/03/25 2:16 p.m.4 views

ALPINE-CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 2:16 p.m.4 views

CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS0.01545EPSS
Exploits0References28
ATTACKERKB
ATTACKERKB
added 2026/03/25 1:25 p.m.15 views

CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/25 1:25 p.m.4 views

CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References28
OSV
OSV
added 2026/03/25 12:0 a.m.7 views

UBUNTU-CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS7.3AI score0.01545EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.4 views

ISC BIND 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Vulnerability (cve-2026-3119)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3119 advisory. - Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected...

6.5CVSS6AI score0.00576EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.3 views

ISC BIND 9.11.0 < 9.18.47 / 9.11.3-S1 < 9.18.47-S1 / 9.18.0 < 9.18.47 / 9.18.11-S1 < 9.18.47-S1 / 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Vulnerability (cve-2026-1519)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-1519 advisory. - If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume...

7.5CVSS5.9AI score0.01545EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.12 views

PT-2026-27770

Name of the Vulnerable Software and Affected Versions BIND versions 9.11.0 through 9.16.50 BIND versions 9.18.0 through 9.18.46 BIND versions 9.20.0 through 9.20.20 BIND versions 9.21.0 through 9.21.19 BIND versions 9.11.3-S1 through 9.16.50-S1 BIND versions 9.18.11-S1 through 9.18.46-S1 BIND...

7.8CVSS5.8AI score0.01545EPSS
Exploits0References124
RedHat Linux
RedHat Linux
added 2025/11/12 10:49 a.m.10 views

bind: Cache poisoning due to weak PRNG

A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...

8.6CVSS6.1AI score0.00464EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/10/29 4:5 p.m.420 views

Exploit for CVE-2025-40778

CVE-2025-40778 Proof of Concept Educational demonstration of...

8.6CVSS6.9AI score0.00502EPSS
Exploits1
VulnCheck KEV
VulnCheck KEV
added 2025/10/20 12:0 a.m.11 views

VulnCheck KEV: CVE-2021-36754

PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query QTYPE 65535 that causes an out-of-bounds exception...

7.5CVSS5.8AI score0.64857EPSS
In wildExploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-3223

Malware in sbrugna...

7.5CVSS6.9AI score0.01997EPSS
Exploits0References6
Rows per page
Query Builder