CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2024/07/23 3:15 p.m.•25 views

CVE-2024-1975

7.5CVSS7.7AI score0.02114EPSS

Exploits0References4

OSV•added 2024/07/23 3:15 p.m.•3 views

DEBIAN-CVE-2024-0760

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

7.5CVSS7.9AI score0.0468EPSS

OSV•added 2024/07/23 3:15 p.m.•1 views

ALPINE-CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

7.5CVSS7AI score0.02114EPSS

OSV•added 2024/07/23 3:15 p.m.•4 views

AZL-47030 CVE-2024-1737 affecting package dhcp for versions less than 4.4.3.P1-2

7.5CVSS7.2AI score0.02114EPSS

OSV•added 2024/07/23 3:15 p.m.•1 views

DEBIAN-CVE-2024-1737

7.5CVSS7.9AI score0.02114EPSS

Cvelist•added 2024/07/23 2:40 p.m.•24 views

CVE-2024-4076 Assertion failure when serving both stale cache data and authoritative zone content

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

7.5CVSS0.02111EPSS

Vulnrichment•added 2024/07/23 2:40 p.m.•19 views

CVE-2024-4076 Assertion failure when serving both stale cache data and authoritative zone content

7.5CVSS6.6AI score0.02111EPSS

CVE•added 2024/07/23 2:40 p.m.•331 views

CVE-2024-4076

CVE-2024-4076: ISC BIND can trigger an assertion failure when serving both stale cache data and authoritative zone content. Affects multiple BIND 9 releases (e.g., 9.16.13–9.16.50, 9.18.0–9.18.27, 9.19.0–9.19.24 and corresponding S1 variants; see references). Consequence is denial of service via ...

7.5CVSS7.5AI score0.02111EPSS

Exploits0References4

Debian CVE•added 2024/07/23 2:40 p.m.•29 views

CVE-2024-4076

7.5CVSS7.8AI score0.02111EPSS

AlpineLinux•added 2024/07/23 2:40 p.m.•15 views

CVE-2024-4076

7.5CVSS9.3AI score0.02111EPSS

Cvelist•added 2024/07/23 2:38 p.m.•23 views

CVE-2024-1975 SIG(0) can be used to exhaust CPU resources

7.5CVSS0.02114EPSS

Vulnrichment•added 2024/07/23 2:38 p.m.•16 views

CVE-2024-1975 SIG(0) can be used to exhaust CPU resources

7.5CVSS6.8AI score0.02114EPSS

CVE•added 2024/07/23 2:38 p.m.•324 views

CVE-2024-1975

CVE-2024-1975 describes a denial-of-service in ISC BIND where a client can exhaust resolver CPU by sending a flood of SIG(0) signed requests if a zone contains a KEY RR or DNSSEC validation occurs from cache. Affected are BIND 9.x builds listed in the CVE description (notably older 9.x releases u...

7.5CVSS7.6AI score0.02114EPSS

Exploits0References4

Debian CVE•added 2024/07/23 2:38 p.m.•15 views

CVE-2024-1975

7.5CVSS7.9AI score0.02114EPSS

AlpineLinux•added 2024/07/23 2:38 p.m.•21 views

CVE-2024-1975

7.5CVSS9.5AI score0.02114EPSS