Lucene search
K

46 matches found

SUSE CVE
SUSE CVE
added 2023/02/22 2:54 a.m.6 views

SUSE CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.5CVSS6.8AI score0.00708EPSS
Exploits0References3
OSV
OSV
added 2023/02/21 2:15 a.m.7 views

DEBIAN-CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.5CVSS7.3AI score0.00708EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.5 views

SUSE CVE-2010-2490

Mumble: murmur-server has DoS due to malformed client query...

6.5CVSS7AI score0.01604EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/01/25 9:39 p.m.19 views

CVE-2022-3924 named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5CVSS6.7AI score0.15989EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.21 views

EulerOS Virtualization 2.9.0 : dhcp (EulerOS-SA-2023-1218)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported...

7.5CVSS6.8AI score0.11296EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2022/12/23 1:37 p.m.28 views

FrodoPIR: New Privacy-Focused Database Querying System

The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, scanning passwords against breached...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/08/10 12:0 a.m.38 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2022:2713-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2713-1 advisory. - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver...

6.8CVSS6.7AI score0.08001EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2022/03/01 12:0 a.m.20 views

EulerOS 2.0 SP5 : bind (EulerOS-SA-2022-1261)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as wel...

5.3CVSS6.3AI score0.08001EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/29 12:0 a.m.34 views

Ubuntu 16.04 ESM : Bind vulnerability (USN-5126-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5126-2 advisory. USN-5126-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...

5.3CVSS6.3AI score0.08001EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/10/28 12:0 a.m.22 views

ISC BIND DoS Vulnerability (CVE-2021-25219)

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

5.3CVSS5.8AI score0.08001EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/10/25 5:58 p.m.6 views

redis: Integer overflow issue with Streams

An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...

7.5CVSS7.7AI score0.03688EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/10/20 2:0 p.m.5 views

redis: Integer overflow issue with Streams

An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...

7.5CVSS7.7AI score0.03688EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the configuration parameters `proto-max-bulk-len` and `client-query-buffer-limit` of the Redis database management system allows a hacker to execute arbitrary code.

The vulnerability of the Redis database management system’s configuration parameters, proto-max-bulk-len and client-query-buffer-limit, is related to the possibility of integer overflow in the buffer. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS6.9AI score0.03688EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2021/10/04 6:15 p.m.5 views

ALPINE-CVE-2021-32627

Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...

7.5CVSS8.3AI score0.03688EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/10/04 12:0 a.m.5 views

PT-2021-4341 · Redis +9 · Redis +9

Name of the Vulnerable Software and Affected Versions: Redis versions prior to 5.0.14 Redis versions prior to 6.0.16 Redis versions prior to 6.2.6 Description: The issue is related to an integer overflow bug in Redis that can be exploited to corrupt the heap and potentially result in remote code...

9CVSS7AI score0.31049EPSS
Exploits3References137
Tenable Nessus
Tenable Nessus
added 2021/05/03 12:0 a.m.47 views

Debian DSA-4909-1 : bind9 - security update

Several vulnerabilities were discovered in BIND, a DNS server implementation. - CVE-2021-25214 Greg Kuechle discovered that a malformed incoming IXFR transfer could trigger an assertion failure in named, resulting in denial of service. - CVE-2021-25215 Siva Kakarla discovered that named could cra...

9.8CVSS7.6AI score0.82367EPSS
Exploits0References12
NVD
NVD
added 2019/10/31 4:15 p.m.19 views

CVE-2010-2490

Mumble: murmur-server has DoS due to malformed client query...

6.5CVSS6.5AI score0.01604EPSS
Exploits0References3
OSV
OSV
added 2019/10/31 4:15 p.m.3 views

DEBIAN-CVE-2010-2490

Mumble: murmur-server has DoS due to malformed client query...

6.5CVSS6.4AI score0.01604EPSS
Exploits0References1
OSV
OSV
added 2019/10/31 4:15 p.m.9 views

CVE-2010-2490

Mumble: murmur-server has DoS due to malformed client query...

6.5CVSS6.7AI score0.01604EPSS
Exploits0References6
Prion
Prion
added 2019/10/31 4:15 p.m.18 views

Code injection

Mumble: murmur-server has DoS due to malformed client query...

4CVSS7AI score0.01604EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder