Lucene search
K

409 matches found

Rockylinux
Rockylinux
added 5 days ago9 views

oci-seccomp-bpf-hook security update

An update is available for oci-seccomp-bpf-hook. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OCI Hook to generate seccomp json files based on EBF syscalls us...

7.5CVSS6.1AI score0.00813EPSS
Exploits0
RedHat Linux
RedHat Linux
added last week4 views

Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added last week5 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References8
Rockylinux
Rockylinux
added 2026/07/07 12:5 p.m.6 views

golang-github-openprinting-ipp-usb security update

An update is available for golang-github-openprinting-ipp-usb. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list HTTP reverse proxy, backed by IPP-over-USB...

7.5CVSS7.2AI score0.00939EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/06 3:20 a.m.9 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/29 3:29 p.m.10 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.3.5

Red Hat OpenShift Service Mesh 3.3.5 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.3....

7.5CVSS6.8AI score0.00813EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 2:40 p.m.3 views

OPENSUSE-SU-2026:21014-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References4
OSV
OSV
added 2026/06/22 2:38 p.m.3 views

SUSE-SU-2026:22338-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/17 3:45 p.m.18 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2.SP1 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

10CVSS5.5AI score0.00606EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2026/06/16 2:20 a.m.13 views

SUSE CVE-2026-45674

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue...

8.7CVSS5.2AI score0.00224EPSS
Exploits0References4
NVD
NVD
added 2026/06/12 3:16 p.m.19 views

CVE-2026-45674

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue...

10CVSS0.00224EPSS
Exploits0References11
OSV
OSV
added 2026/06/12 3:16 p.m.7 views

UBUNTU-CVE-2026-45674

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue...

10CVSS5.3AI score0.00224EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/12 2:17 p.m.34 views

CVE-2026-45674 Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue...

8.7CVSS0.00224EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.9 views

EulerOS Virtualization 2.13.1 : avahi (EulerOS-SA-2026-2365)

According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc...

6.5CVSS5.5AI score0.00252EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.24 views

EulerOS Virtualization 2.13.0 : avahi (EulerOS-SA-2026-2394)

According to the versions of the avahi packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc...

6.5CVSS5.4AI score0.00252EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2026/06/09 11:5 a.m.51 views

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-24401: uncontrolled recursion in lookuphandlecname can crash the avahi-daemon bsc1257235. CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. Patch Instructions: To install this SUSE updat...

6.5CVSS5.4AI score0.00252EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2026-2235)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below,...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/08 11:2 p.m.17 views

Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

Summary Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Details In io.netty.resolver.dns.DnsResolveContextbuildAliasMap, the resolver processes the ANSWER section of a DNS response and blindly caches all CNAME records it finds. According to...

10CVSS5.5AI score0.00224EPSS
Exploits0References13Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.22 views

PT-2026-47610

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.135.Final Netty versions prior to 4.2.15.Final Description Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. In the buildAliasMap function within...

10CVSS5.2AI score0.00224EPSS
Exploits0References64
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.25 views

PT-2026-47554

Summary Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Details In io.netty.resolver.dns.DnsResolveContextbuildAliasMap, the resolver processes the ANSWER section of a DNS response and blindly caches all CNAME records it finds. According to...

8.7CVSS5.5AI score
Exploits0References5
Rows per page
Query Builder