
313 matches found

Vulnrichment
added 2026/05/20 1:10 p.m., 5 views

CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

CVSS 7.5, AI score 5.8, EPSS 0.00044
Exploits 0, References 3
AstraLinux
added 2026/05/20 5:53 a.m., 1 views

Astra Linux - vulnerability in unbound

The DNS protocol in RFC 1035 and its updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated over seconds. As a result, responses are sent in a pulsing burst, which can be considered traffic amplification in some cases. This...

CVSS 7.5, AI score 6.8, EPSS 0.02775
Exploits 0, References 2
ATTACKERKB
added 2026/03/20 7:59 p.m., 7 views

CVE-2026-4437

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...

AI score 5.8, EPSS 0.00089
Exploits 1, References 2, Affected Software 1
RedhatCVE
added 2025/11/07 12:19 a.m., 3 views

CVE-2025-64163

DataEase is an open source data visualization analysis tool. In versions 2.10.14 and below, the vendor added a blacklist to filter ldap:// and ldaps://. However, omission of protection for the dns:// protocol results in an SSRF vulnerability. This issue is fixed in version 2.10.15...

CVSS 9.8, AI score 6.7, EPSS 0.00096
Exploits 1, References 1
CVE
added 2025/11/05 11:52 p.m., 7 views

CVE-2025-64163

DataEase, an open source data visualization/analysis tool, has a SSRF vulnerability in version 2.10.14 and earlier due to incomplete filtering for the dns:// protocol. The blacklist only filters ldap:// and ldaps://, leaving dns:// unprotected and allowing potential server-side requests to intern...

CVSS 9.8, AI score 6.3, EPSS 0.00096
Exploits 1, References 3, Affected Software 1
Cvelist
added 2025/11/05 11:52 p.m., 4 views

CVE-2025-64163 DataEase's DB2 is vulnerable to SSRF

DataEase is an open source data visualization analysis tool. In versions 2.10.14 and below, the vendor added a blacklist to filter ldap:// and ldaps://. However, omission of protection for the dns:// protocol results in an SSRF vulnerability. This issue is fixed in version 2.10.15...

CVSS 9.3, EPSS 0.00096
Exploits 1, References 3
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-0162

Malware in sbrugna...

CVSS 6.5, AI score 6.4, EPSS 0.00892
Exploits 0, References 11
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2004-0787

Malware in sbrugna...

CVSS 5, AI score 6.3, EPSS 0.01958
Exploits 0, References 9
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2020-3392

Malware in sbrugna...

CVSS 7.5, AI score 8.6, EPSS 0.00126
Exploits 0, References 10
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-1729

Malware in sbrugna...

CVSS 9.8, AI score 9.2, EPSS 0.00385
Exploits 1, References 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-16006

Malicious code in bioql PyPI...

CVSS 7.5, AI score 8.1, EPSS 0.00181
Exploits 1, References 3
Tenable Nessus
added 2025/07/25 12:0 a.m., 4 views

NewStart CGSL MAIN 7.02 : unbound Multiple Vulnerabilities (NS-SA-2025-0125)

The remote NewStart CGSL host, running version MAIN 7.02, has unbound packages installed that are affected by multiple vulnerabilities: - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name...

CVSS 7.5, AI score 6.9, EPSS 0.1242
Exploits 1, References 7
F5 Networks
added 2025/07/23 11:3 p.m., 7 views

K000152700: BIND vulnerability CVE-2025-40775

Security Advisory Description: When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20...

CVSS 7.5, AI score 7.9, EPSS 0.00181
Exploits 1
Vulnrichment
added 2025/05/21 12:35 p.m., 10 views

CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure

When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

CVSS 7.5, AI score 6.9, EPSS 0.00181
Exploits 1, References 1
AlpineLinux
added 2025/05/21 12:35 p.m., 20 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

CVSS 7.5, AI score 7.6, EPSS 0.00181
Exploits 1
Debian CVE
added 2025/05/21 12:35 p.m., 18 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

CVSS 7.5, AI score 8.1, EPSS 0.00181
Exploits 1
Tenable Nessus
added 2025/03/05 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-33655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulate...

CVSS 7.5, AI score 7, EPSS 0.02775
Exploits 0, References 3
Tenable Nessus
added 2025/02/10 12:0 a.m., 8 views

Azure Linux 3.0 Security Update: unbound (CVE-2024-33655)

The version of unbound installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-33655 advisory. - The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service resource...

CVSS 7.5, AI score 6.6, EPSS 0.02775
Exploits 0, References 2
Tenable Nessus
added 2025/01/13 12:0 a.m., 64 views

EulerOS 2.0 SP10 : unbound (EulerOS-SA-2025-1015)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries t...

CVSS 7.5, AI score 6.8, EPSS 0.02775
Exploits 0, References 3
IBM Security Bulletins
added 2024/11/21 9:46 p.m., 41 views

Security Bulletin: IBM Technical Support Appliance - possible excessive CPU usage or denial of service

Summary: DNS protocol allows the IBM Technical Support Appliance to resolve hostnames to their corresponding IP address. Vulnerability Details: CVEID: CVE-2023-4408 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when parsing large DNS messages. By flooding the target...

CVSS 7.5, AI score 7.1, EPSS 0.43701
Exploits 1, Affected Software 1