Lucene search
K

11999 matches found

OSV
OSV
added 2023/07/10 5:3 p.m.7 views

CLSA-2023-1689008612 bind: Fix of CVE-2023-2828

CVE-2023-2828: fix possible DoS due to cache size limit exceed...

7.5CVSS7.3AI score0.03776EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/07/10 4:13 p.m.4 views

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

7.5CVSS7.1AI score0.03776EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/07/10 4:13 p.m.37 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS7.1AI score0.03776EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/07/10 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2023:2794-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/07/10 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2023:2793-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/07/10 12:0 a.m.32 views

RHEL 9 : bind (RHSA-2023:4005)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4005 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

7.5CVSS7.4AI score0.03776EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2023/07/08 2:54 a.m.9 views

DL1 bug fix and enhancement update

An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/07/08 12:0 a.m.29 views

SUSE SLES15: bind / bind-chrootenv / bind-devel / bind-devel-32bit / bind-doc / etc (SUSE-SU-2023:2794-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2794-1 advisory. - CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm bsc1212544. Tenable h...

7.5CVSS7.5AI score0.03776EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/07/08 12:0 a.m.25 views

SUSE SLES12: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2023:2793-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2793-1 advisory. - CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm bsc1212544. Tenable has extracted t...

7.5CVSS7.5AI score0.03776EPSS
Exploits0References4
OSV
OSV
added 2023/07/07 10:36 a.m.12 views

SUSE-SU-2023:2794-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm bsc1212544...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References3
OSV
OSV
added 2023/07/07 9:34 a.m.12 views

SUSE-SU-2023:2793-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm bsc1212544...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/07/07 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2023:2789-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/07/07 12:0 a.m.27 views

SUSE SLES12: bind / bind-chrootenv / bind-doc / bind-libs / bind-libs-32bit / etc (SUSE-SU-2023:2789-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:2789-1 advisory. - CVE-2023-2828: Fixed DOS against recursive resolvers related to cache-cleaning algorithm bsc1212544. Tenable has extracted the preceding description...

7.5CVSS7.5AI score0.03776EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/07/06 8:51 p.m.25 views

Graylog vulnerable to insecure source port usage for DNS queries

Summary Graylog utilises only one single source port for DNS queries. Details Graylog seems to bind a single socket for outgoing DNS queries. That socket is bound to a random port number which is not changed again. This goes against recommended practice since 2008, when Dan Kaminsky discovered ho...

5.3CVSS6.7AI score0.00295EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/07/06 11:10 a.m.13 views

SUSE-SU-2023:2789-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-2828: Fixed DOS against recursive resolvers related to cache-cleaning algorithm bsc1212544...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.18 views

PT-2023-3974 · Linux +10 · Linux Kernel +10

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free vulnerability in the Linux kernel's net/sched: cls fw component can be exploited to achieve local privilege escalation. If tcf change indev fails, fw set parms will...

10CVSS6.3AI score0.60631EPSS
Exploits54References1082
Redos
Redos
added 2023/07/06 12:0 a.m.26 views

ROS-2-1199

2.1199 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

8.6AI score0.83406EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.9 views

ROS-2-1909

2.1909 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.10 views

ROS-2-1771

2.1771 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.7AI score0.83406EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.18 views

ROS-2-1172

2.1172 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threat...

7.3AI score
Exploits0
Rows per page
Query Builder