552 matches found
PowerDNS Authoritative 资源管理错误漏洞
PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a resource management vulnerability that can lead to a denial-of-service attack. This vulnerability occurs when the PowerDNS auxiliary servers forward DNS update requests to malicious...
PowerDNS Authoritative Server 输入验证错误漏洞
The PowerDNS Authoritative Server is a DNS server developed by the Dutch company PowerDNS. There is a vulnerability in input validation of the PowerDNS Authoritative Server. This vulnerability arises from operations conducted by administrators who are allowed to use the REST API. Such actions may...
MaraDNS 安全漏洞
MaraDNS is an open-source domain name system developed by Sam Trenholme. It can be used as a cache, recursive, or authoritative name server. Version 3.5.0036 of MaraDNS contains a security vulnerability; this vulnerability arises from domains that cannot resolve the address of authoritative name...
[SECURITY] Fedora 42 Update: pdns-recursor-5.2.8-1.fc42
PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...
bind: bind: Denial of Service via corrupt or malicious record
A flaw was found in bind. A remote attacker can send a specially crafted request that results in a corrupt or malicious record, causing the 'named' service to crash. This vulnerability leads to a Denial of Service DoS for authoritative servers and resolvers...
curl: HTTP/2 server push accepts a non-authoritative :scheme=https over cleartext h2c, enabling HTTPS cache-key poisoning
Summary: I found that libcurl 8.19.0 accepts an HTTP/2 pushed stream on a cleartext h2c connection even when the server sends :scheme=https in PUSHPROMISE. In lib/http2.c, settransferurl builds the pushed handle URL from the server-supplied :scheme, :authority, and :path, but PUSHPROMISE validati...
CVE-2026-1519
A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users. Mitigation To mitigate...
CVE-2026-1519
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...
ALPINE-CVE-2026-1519
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...
CVE-2026-1519
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...
CVE-2026-1519
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...
CVE-2026-1519
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...
UBUNTU-CVE-2026-1519
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...
ISC BIND 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Vulnerability (cve-2026-3119)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3119 advisory. - Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected...
ISC BIND 9.11.0 < 9.18.47 / 9.11.3-S1 < 9.18.47-S1 / 9.18.0 < 9.18.47 / 9.18.11-S1 < 9.18.47-S1 / 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Vulnerability (cve-2026-1519)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-1519 advisory. - If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume...
PT-2026-27770
Name of the Vulnerable Software and Affected Versions BIND versions 9.11.0 through 9.16.50 BIND versions 9.18.0 through 9.18.46 BIND versions 9.20.0 through 9.20.20 BIND versions 9.21.0 through 9.21.19 BIND versions 9.11.3-S1 through 9.16.50-S1 BIND versions 9.18.11-S1 through 9.18.46-S1 BIND...
bind: Cache poisoning due to weak PRNG
A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...
Exploit for CVE-2025-40778
CVE-2025-40778 Proof of Concept Educational demonstration of...
VulnCheck KEV: CVE-2021-36754
PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query QTYPE 65535 that causes an out-of-bounds exception...
EUVD-2016-3223
Malware in sbrugna...