CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor the bind path to use free After a bind/unbind cycle, the rndis-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This lead...

5.6AI score0.00166EPSS

8.6CVSS6.5AI score0.0041EPSS

Astra Linux - уязвимость в bind9

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

7.8CVSS7.4AI score0.00673EPSS

Astra Linux – Vulnerability in runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1, and 1.4.0-rc.2, runc did not perform sufficient verification to ensure that the source of the bind-mount i.e., the container’s /dev/null wa...

Exploits2References3

AstraLinux•added 2026/01/13 2:1 p.m.•2 views

Astra Linux – Vulnerability in bind9

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

8.6CVSS6.5AI score0.00509EPSS

5.5CVSS5.7AI score0.00132EPSS

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: genetlink: Fixed the issue where genlbind invokes bind after -EPERM. Callbacks for bind and unbind were introduced to allow systems to track the presence of multicast group consumers. For example, these callbacks can be used to...

7.5CVSS6.4AI score0.1096EPSS

Astra Linux – Vulnerability in bind9

querying records within a specially crafted zone that contain certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

Tenable Nessus•added 2026/01/13 12:0 a.m.•4 views

MiracleLinux 8 : bind9.16-9.16.23-0.22.el8_10.2 (AXSA:2025-9692:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9692:01 advisory. bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187 Tenable has extracted the preceding description block directly from t...

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

MiracleLinux 9 : bind-9.16.23-24.el9_5.3 (AXSA:2025-9697:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9697:03 advisory. bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187 Tenable has extracted the preceding description block directly from t...

Tenable Nessus•added 2026/01/13 12:0 a.m.•2 views

MiracleLinux 7 : bind-9.11.4-26.P2.16.0.5.el7.AXS7 (AXSA:2025-9780:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9780:04 advisory. CVE-2024-11187: fix Denial of Service via Additional Section Resource Exhaustion in BIND 9 CVEs: CVE-2024-11187 It is possible to construct a zone such that...

Tenable Nessus•added 2026/01/13 12:0 a.m.•4 views

MiracleLinux 9 : bind9.18-9.18.29-1.el9_5.1 (AXSA:2025-9706:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9706:01 advisory. bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187 bind: bind9: DNS-over-HTTPS implementation suffers from...

7.5CVSS7.1AI score0.15664EPSS

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

MiracleLinux 9 : bind-9.16.23-31.el9_6.2 (AXSA:2025-11077:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11077:11 advisory. Prevent cache poisoning due to weak PRNG CVE-2025-40780 Address various spoofing attacks CVE-2025-40778 CVE-2025-40778 Under certain circumstances,...

8.6CVSS6.5AI score0.00509EPSS

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

MiracleLinux 8 : bind9.16-9.16.23-0.22.el8_10.4 (AXSA:2025-11061:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11061:02 advisory. bind: Cache poisoning attacks with unsolicited RRs CVE-2025-40778 bind: Cache poisoning due to weak PRNG CVE-2025-40780 Tenable has extracted the...

8.6CVSS6.5AI score0.00509EPSS

Tenable Nessus•added 2026/01/13 12:0 a.m.•4 views

MiracleLinux 8 : bind-9.11.36-16.el8_10.4 (AXSA:2025-9693:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9693:02 advisory. bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187 Tenable has extracted the preceding description block directly from t...