Lucene search
K

713 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-25220

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 earlier...

6.8CVSS8.9AI score0.0325EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.4 views

RHEL 8 : bind9.16 (RHSA-2025:22168)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22168 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

8.6CVSS6.9AI score0.0325EPSS
Exploits1References8
EUVD
EUVD
added 2025/12/01 3:30 p.m.9 views

EUVD-2024-55104

An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack...

7.5CVSS6.4AI score0.0028EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.4 views

RockyLinux 10 : bind (RLSA-2025:21034)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21034 advisory. bind: Cache poisoning attacks with unsolicited RRs CVE-2025-40778 bind: Cache poisoning due to weak PRNG CVE-2025-40780 bind: Resource exhaustion via...

8.6CVSS6.7AI score0.1096EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.4 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: bind (UTSA-2025-990939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990939 advisory. Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects...

8.6CVSS6.5AI score0.00509EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/11/20 9:12 p.m.8 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.6CVSS6.9AI score0.0325EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/11/19 6:27 a.m.7 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

8.6CVSS6.9AI score0.0325EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/11/19 4:4 a.m.3 views

bind: Cache poisoning attacks with unsolicited RRs

A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...

8.6CVSS6AI score0.00509EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/19 12:0 a.m.6 views

RHEL 8 : bind (RHSA-2025:21740)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21740 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

8.6CVSS6.9AI score0.0325EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/12 10:44 a.m.5 views

bind: Cache poisoning due to weak PRNG

A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...

8.6CVSS6.1AI score0.00454EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/06 1:57 p.m.13 views

Security Bulletin: IBM Financial Transaction Manager is impacted by a DNS cache poisoning vulnerability in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerability. Vulnerability Details CVEID:CVE-2025-40778 DESCRIPTION: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into t...

8.6CVSS6.8AI score0.00509EPSS
Exploits1Affected Software1
EUVD
EUVD
added 2025/10/22 6:30 p.m.11 views

EUVD-2025-35581

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

8.6CVSS6.4AI score0.00509EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/10/22 3:58 p.m.7 views

CVE-2025-40778

A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...

8.6CVSS9.2AI score0.00509EPSS
Exploits1References3
OSV
OSV
added 2025/10/15 2:15 p.m.6 views

CVE-2025-59781

When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References1
Wolfi
Wolfi
added 2025/10/11 1:47 p.m.13 views

CVE-2025-59530 vulnerabilities

Vulnerabilities for packages: ipfs-cluster, q, kubernetes-dns-node-cache, kubo, kargo, spegel, kyverno-policy-reporter-ui, dkron, k3s, traefik, caddy, teleport, frp, k8sgateway...

7.5CVSS6.1AI score0.00438EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-3894

Malware in sbrugna...

5.4CVSS6.4AI score0.00817EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-2192

Malware in sbrugna...

5CVSS6.4AI score0.02399EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-1999-0024

Malware in sbrugna...

5CVSS6.1AI score0.04935EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-9392

Malware in sbrugna...

8.3CVSS8.1AI score0.03145EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-0534

Malware in sbrugna...

7.5CVSS6.4AI score0.07999EPSS
Exploits0References17
Rows per page
Query Builder