EUVD-2022-15542

Malicious code in bioql PyPI...

Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2023-010)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-010 advisory. A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This...

K56105136: BIND vulnerability CVE-2022-0396

Security Advisory Description BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client ha...

Oracle Linux 8 : bind9.16 (ELSA-2022-7643)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7643 advisory. - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify...

AlmaLinux 8 : bind9.16 (ALSA-2022:7643)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7643 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9...

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2022:2713-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2713-1 advisory. - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of...

CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

CVE-2022-0396

CVE-2022-0396 affects BIND’s TCP stream handling in 9.16.11–9.16.26 (and 9.17.0–9.18.0 for DP/G‑ed editions). The flaw allows specially crafted TCP streams to keep connections in CLOSE_WAIT indefinitely, enabling denial of service on affected servers. Connected advisories indicate fixes in newer ...

CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

Debian DSA-5105-1 : bind9 - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5105 advisory. Two vulnerabilities were found in the BIND DNS server, which could result in denial of service or cache poisoning. For the oldstable distribution buster, thi...

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current bind Multiple Vulnerabilities (SSA:2022-076-01)

The version of bind installed on the remote host is prior to 9.11.37 / 9.18.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-076-01 advisory. - BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition...

UBUNTU-CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

CVE-2020-1700

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by...

CVE-2020-1700

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by...

CVE-2020-1700

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by...

CVE-2018-1786

CVE-2018-1786 affects IBM Spectrum Protect Client/API (dsmc/dsmcad) and related components where TCP/IP sockets accumulate in CLOSE_WAIT, causing TCP/IP resource leakage and potential DoS. The vulnerability impacts IBM Spectrum Protect Client/API 7.1.x (notably 7.1.8.0/7.1.8.3) and 8.1.x (notably...

Oracle Java JDK/JRE < 1.8.0.131 / Apache Xerces 2.11.0 - 'PDF/Docx' Server Side Denial of Service

Vulnerabilities Summary The following advisory describes two 2 vulnerabilities found in Oracle Java JDK/JRE 1.8.0.131 and previous versions packages and Apache Xerces 2.11.0 The vulnerabilities are: Oracle JDK/JRE Concurrency-Related Denial of Service java.net.URLConnection with no...