Lucene search
K

32 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in unbound, bind9, dnsmasq

Certain aspects of the DNS protocol’s DNSSEC mechanism described in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service attack by manipulating one or more DNSSEC responses. This issue is known as the “KeyTrap” problem. One of the concerns is that, when...

7.5CVSS7.1AI score0.99995EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in bind9

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode the available memory to the point where named crashes occur due to lack of resources...

7.5CVSS7.5AI score0.02176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in bind9

By flooding the target resolver with queries that exploit this flaw, an attacker can significantly impair the resolver’s performance, effectively denying legitimate clients access to the DNS resolution service...

5.3CVSS6.7AI score0.01495EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/19 12:0 a.m.5 views

MiracleLinux 9 : bind9.18-9.18.29-5.el9_7.4 (AXSA:2026-454:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-454:01 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from...

7.5CVSS7.6AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-3119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incomin...

6.5CVSS7.5AI score0.00576EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-3591

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may b...

5.4CVSS8.3AI score0.0036EPSS
Exploits0References3
NCSC
NCSC
added 2026/01/23 8:54 a.m.6 views

Vulnerability fixed in BIND 9

ICS has fixed a vulnerability in BIND 9. The vulnerability is located in certain versions of BIND 9, where malformed BRID/HHIT records can lead to the unexpected termination of the named service, which is critical for DNS resolution. This vulnerability allows attackers to crash the service throug...

7.5CVSS5.6AI score0.08219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 4: bind9-next (TSSA-2025:0574)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0574 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.9AI score0.0468EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/11/10 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-66fb3fa6b0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.8AI score0.1096EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/11/02 12:0 a.m.4 views

PT-2025-44737

Name of the Vulnerable Software and Affected Versions Yandex Disk versions prior to 3.2.45.3275 Description A Search Order Hijacking issue exists in Yandex Disk on MacOS due to an uncontrolled search path element. This allows for exploitation of the system. Recommendations Update Yandex Disk to...

8.8CVSS6.6AI score0.00148EPSS
Exploits0References4
CNVD
CNVD
added 2025/10/29 12:0 a.m.3 views

Unspecified Vulnerability in ISC BIND 9

ISC BIND 9 is a domain name system software from the ISC organization. A security vulnerability exists in ISC BIND 9 that stems from a weakness in the pseudo-random number generator, which can be exploited by an attacker to cause prediction of source ports and query IDs...

8.6CVSS6.8AI score0.00454EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.2 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a Domain Name System software from the ISC organization. ISC BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39- S1, and 9.20.9-S1 through 9.20.13-S1, a security...

8.6CVSS5.2AI score0.00454EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.5 views

PT-2025-43373

Name of the Vulnerable Software and Affected Versions BIND versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1. Description Due to a weakness in the...

8.6CVSS6AI score0.1096EPSS
Exploits1References95
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-6516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including...

7.5CVSS7.2AI score0.01097EPSS
Exploits0References2
OSV
OSV
added 2025/05/21 1:47 p.m.6 views

USN-7526-1 bind9 vulnerability

It was discovered that Bind incorrectly handled certain DNS messages with invalid TSIG. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.3AI score0.11727EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.5 views

Astra Linux – Vulnerability in bind9

Resolver caches and authoritative zone databases that hold a significant number of Resource Records for the same hostname of any RTYPE may experience degraded performance as content is added or updated, as well as when handling client queries for this name. This issue affects BIND 9 versions 9.11...

7.5CVSS7.5AI score0.02114EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in bind9

It is possible to create a zone such that certain queries to it will generate responses containing numerous records in the Additional section. An attacker sending multiple such queries can cause either the authoritative server or an independent resolver to use excessive resources to process the...

7.5CVSS6.4AI score0.14614EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.1 views

Astra Linux – Vulnerability in bind9

Clients that use DNS-over-HTTPS DoH can exhaust the CPU and/or memory of a DNS resolver by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...

7.5CVSS7.1AI score0.16182EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/12/12 2:15 p.m.12 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/05/07 7:56 a.m.4 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
Rows per page
Query Builder