46 matches found
SUSE CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
DEBIAN-CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
SUSE CVE-2010-2490
Mumble: murmur-server has DoS due to malformed client query...
CVE-2022-3924 named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
EulerOS Virtualization 2.9.0 : dhcp (EulerOS-SA-2023-1218)
According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported...
FrodoPIR: New Privacy-Focused Database Querying System
The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, scanning passwords against breached...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2022:2713-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2713-1 advisory. - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver...
EulerOS 2.0 SP5 : bind (EulerOS-SA-2022-1261)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as wel...
Ubuntu 16.04 ESM : Bind vulnerability (USN-5126-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5126-2 advisory. USN-5126-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...
ISC BIND DoS Vulnerability (CVE-2021-25219)
ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
redis: Integer overflow issue with Streams
An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...
redis: Integer overflow issue with Streams
An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...
The vulnerability of the configuration parameters `proto-max-bulk-len` and `client-query-buffer-limit` of the Redis database management system allows a hacker to execute arbitrary code.
The vulnerability of the Redis database management system’s configuration parameters, proto-max-bulk-len and client-query-buffer-limit, is related to the possibility of integer overflow in the buffer. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
ALPINE-CVE-2021-32627
Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...
PT-2021-4341 · Redis +9 · Redis +9
Name of the Vulnerable Software and Affected Versions: Redis versions prior to 5.0.14 Redis versions prior to 6.0.16 Redis versions prior to 6.2.6 Description: The issue is related to an integer overflow bug in Redis that can be exploited to corrupt the heap and potentially result in remote code...
Debian DSA-4909-1 : bind9 - security update
Several vulnerabilities were discovered in BIND, a DNS server implementation. - CVE-2021-25214 Greg Kuechle discovered that a malformed incoming IXFR transfer could trigger an assertion failure in named, resulting in denial of service. - CVE-2021-25215 Siva Kakarla discovered that named could cra...
CVE-2010-2490
Mumble: murmur-server has DoS due to malformed client query...
DEBIAN-CVE-2010-2490
Mumble: murmur-server has DoS due to malformed client query...
CVE-2010-2490
Mumble: murmur-server has DoS due to malformed client query...
Code injection
Mumble: murmur-server has DoS due to malformed client query...