CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2024/08/15 7:9 p.m.•9 views

USN-6909-3 bind9 vulnerabilities

7.5CVSS7.2AI score0.02114EPSS

Exploits0References3

AlpineLinux•added 2024/08/15 6:32 p.m.•24 views

CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

10CVSS6.5AI score0.01283EPSS

Exploits1

CVE•added 2024/08/15 6:32 p.m.•235 views

CVE-2024-42472

CVE-2024-42472 affects Flatpak before 1.14.0/1.15.10 and allows a malicious or compromised Flatpak app using persistent directories to access or write files outside the sandbox. The root cause is a symlink-following issue when mounting persistent (persist) directories, causing the bind mount to f...

10CVSS9.3AI score0.01283EPSS

Exploits1References11Affected Software1

RedHat Linux•added 2024/08/15 7:27 a.m.•3 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS5.8AI score0.02114EPSS

RedHat Linux•added 2024/08/15 7:27 a.m.•2 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS

RedHat Linux•added 2024/08/15 7:27 a.m.•61 views

Important: Red Hat Security Advisory: bind and bind-dyndb-ldap security update

An update for bind and bind-dyndb-ldap is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.3AI score0.02114EPSS

Microsoft CVE•added 2024/08/15 7:0 a.m.•3 views

BIND's database will be slow if a very large number of RRs exist at the same name

...

7.5CVSS8.9AI score0.02114EPSS

RedHat Linux•added 2024/08/15 1:57 a.m.•1 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

7.5CVSS5.7AI score0.02114EPSS

RedHat Linux•added 2024/08/15 1:57 a.m.•3 views

bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content

A flaw was found in the bind9 package, where a client query triggers stale data and also requires local lookups may trigger a assertion failure. This issue results in a denial of service of the bind server...

7.5CVSS7.3AI score0.02111EPSS

Tenable Nessus•added 2024/08/15 12:0 a.m.•28 views

RHEL 8 : bind9.16 (RHSA-2024:5390)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5390 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

Amazon•added 2024/08/15 12:0 a.m.•10 views

Important: bind

Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...

7.5CVSS7.1AI score0.02114EPSS

Amazon•added 2024/08/15 12:0 a.m.•3 views

Important: bind

7.5CVSS6.5AI score0.02114EPSS

Tenable Nessus•added 2024/08/15 12:0 a.m.•16 views

Ubuntu 16.04 LTS : Bind vulnerabilities (USN-6909-3)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-3 advisory. USN-6909-1 fixed vulnerabilities in Bind. This update provides the corresponding updates for Ubuntu 16.04 LTS. Tenable has extracted the preceding...

7.5CVSS8AI score0.02114EPSS

Exploits0References3

OSV•added 2024/08/15 12:0 a.m.•16 views

ALSA-2024:5231 Important: bind and bind-dyndb-ldap security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

Tenable Nessus•added 2024/08/15 12:0 a.m.•42 views

RHEL 9 : bind and bind-dyndb-ldap (RHSA-2024:5231)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5231 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

Tenable Nessus•added 2024/08/15 12:0 a.m.•19 views

RHEL 8 : bind9.16 (RHSA-2024:5418)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5418 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...