Lucene search
K

93 matches found

OSV
OSV
added 2026/06/11 6:0 a.m.9 views

RLSA-2026:24365 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

7.5CVSS5.4AI score0.00842EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/06/11 6:0 a.m.12 views

unbound security update

An update is available for unbound. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or DNSS...

8.7CVSS5.5AI score0.00842EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

RockyLinux 8 : unbound (RLSA-2026:24365)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24365 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via...

8.7CVSS5.6AI score0.00842EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/08 10:49 a.m.13 views

Important: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS5.7AI score0.01272EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/08 10:49 a.m.12 views

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.5AI score0.00779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/08 8:53 a.m.16 views

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.5AI score0.00779EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.11 views

AlmaLinux 8 : unbound (ALSA-2026:24365)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24365 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via...

8.7CVSS5.6AI score0.00842EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/04 8:54 a.m.10 views

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/30 2:6 a.m.13 views

SUSE CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

7.5CVSS5.8AI score0.00779EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/05/20 11:38 a.m.9 views

CVE-2026-42959

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.7AI score0.00779EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/20 9:20 a.m.11 views

CVE-2026-42959 Crash during DNSSEC validation of malicious content

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 9:20 a.m.51 views

CVE-2026-42959 Crash during DNSSEC validation of malicious content

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS0.00779EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 9:20 a.m.13 views

EUVD-2026-31084

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/04/08 9:16 a.m.11 views

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Artificial Intelligence AI company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos , to find and address security vulnerabilities. The model will be used by a small set of organizations, including...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:33 a.m.6 views

CVE-2024-39010

chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

9.8CVSS8.2AI score0.00912EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-0112

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01218EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0114

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01515EPSS
Exploits1References9
Schneier on Security
Schneier on Security
added 2025/09/30 11:6 a.m.4 views

Details of a Scam

Longtime Crypto-Gram readers know that I collect personal experiences of people being scammed. Here's an almost: Then he added, "Here at Chase, we'll never ask for your personal information or passwords." On the contrary, he gave me more information--two "cancellation codes" and a long case numbe...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/22 2:43 p.m.7 views

Beware of Zelle transfer scams

As we have said many times before, falling for a scam can happen to the best of us. And it can ruin lives. In our podcast How a scam hunter got scammed, scam hunter Julie-Anne Kearns talked about how she had been duped by people pretending to be from HMRC, which is the UK’s version of the US...

6.6AI score
Exploits0
NVD
NVD
added 2024/07/30 8:15 p.m.20 views

CVE-2024-39010

chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

9.8CVSS0.00912EPSS
Exploits1References1
Rows per page
Query Builder