RockyLinux 9 : bind9.18 (RLSA-2026:24368)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24368 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

CVE-2026-32254 Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

CVE-2026-32254 Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

NewStart CGSL MAIN 6.06 (SP) : systemd Multiple Vulnerabilities (NS-SA-2026-0021)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has systemd packages installed that are affected by multiple vulnerabilities: - A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus...

Security update for ruby2.5

This update for ruby2.5 fixes the following issues: CVE-2024-35221: Fixed remote DoS via YAML manifest bsc1225905 CVE-2024-47220: Fixed HTTP request smuggling in WEBrick bsc1230930 CVE-2024-49761: Fixed ReDOS vulnerability by updating REXML to 3.3.9 bsc1232440 CVE-2025-24294: Fixed denial of...

NewStart CGSL MAIN 6.06 : systemd Multiple Vulnerabilities (NS-SA-2025-0220)

The remote NewStart CGSL host, running version MAIN 6.06, has systemd packages installed that are affected by multiple vulnerabilities: - A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages....

TencentOS Server 4: unbound (TSSA-2024:0285)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0285 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-1207 phjounin TFTPD64 DNS denial of service

A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather...

CVE-2025-1207 phjounin TFTPD64 DNS denial of service

A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather...

EulerOS 2.0 SP10 : unbound (EulerOS-SA-2025-1032)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service resource consumption by arranging for DNS queries t...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.10055)

The version of AHV installed on the remote host is prior to 20220304.10055. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.10055 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S...

CVE-2016-2224

The decodedotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service infinite loop via vectors involving compressed items in a reply...

Moderate: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Default credentials

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

CVE-2007-6341

Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service program "croak" via a crafted DNS response...

CVE-2007-6341

Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service program "croak" via a crafted DNS response...