Lucene search
+L

2024 matches found

nvd
nvd
added 2 days ago5 views

CVE-2026-50426

Relative path traversal in DNS Server allows an authorized attacker to execute code over an adjacent network...

6.8CVSS0.00367EPSS
Exploits0References1
cve
cve
added 2 days ago8 views

CVE-2026-50426

CVE-2026-50426 : Windows DNS Server contains a relative path traversal vulnerability that could allow an authorized attacker on an adjacent network to execute code. Root cause is traversal of relative paths in DNS Server handling, enabling remote code execution. Reported impact is arbitrary code ...

6.8CVSS6.2AI score0.00367EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago27 views

CVE-2026-49169 Windows DNS Server Remote Code Execution Vulnerability

...

8CVSS0.00496EPSS
Exploits0References1
osv
osv
added 2026/07/09 12:54 p.m.2 views

OESA-2026-2964 dnsmasq security update

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...

5.9CVSS6.2AI score0.00403EPSS
Exploits0References2
fedora
fedora
added 2026/07/04 1:7 a.m.10 views

[SECURITY] Fedora 43 Update: pdns-recursor-5.2.11-1.fc43

PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...

8.2CVSS6.7AI score0.00407EPSS
Exploits0
fedora
fedora
added 2026/07/04 12:51 a.m.6 views

[SECURITY] Fedora 44 Update: pdns-recursor-5.4.3-1.fc44

PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...

8.2CVSS6.5AI score0.00583EPSS
Exploits0
cvelist
cvelist
added 2026/06/26 12:0 a.m.25 views

CVE-2026-36478

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...

0.00386EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/26 12:0 a.m.6 views

CVE-2026-36478

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...

7.5CVSS5.8AI score0.00386EPSS
Exploits0References3
cve
cve
added 2026/06/26 12:0 a.m.16 views

CVE-2026-36478

Technical details for CVE-2026-36478 are not publicly available in the provided documents. The reports describe a DoS condition in Technitium DNS Server v14.3 and earlier but do not disclose root cause, vulnerable components beyond file names. Monitor for updates.

7.5CVSS5.8AI score0.00386EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.6 views

PT-2026-52211

Name of the Vulnerable Software and Affected Versions NSD version 4.14.0 Description NSD contains a memory corruption flaw occurring during the serialization of a zone to disk. The issue stems from improper input validation and bounds checking of the address-family length field within Address...

8.8CVSS6.2AI score0.00303EPSS
Exploits0References12
fedora
fedora
added 2026/06/15 12:51 a.m.10 views

[SECURITY] Fedora 44 Update: bind9-next-9.21.22-2.fc44

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

9.8CVSS5.3AI score0.01844EPSS
Exploits1
nessus
nessus
added 2026/06/08 12:0 a.m.12 views

RHEL 10 : bind (RHSA-2026:24338)

"The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24338 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/05 7:25 p.m.10 views

CVE-2026-0264

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

9.2CVSS6.2AI score0.00474EPSS
Exploits0References1
susecve
susecve
added 2026/05/29 1:23 a.m.17 views

SUSE CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.01387EPSS
Exploits0References5
osv
osv
added 2026/05/28 3:43 p.m.12 views

RLSA-2026:18786 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS6AI score0.1096EPSS
Exploits0References2
fedora
fedora
added 2026/05/25 12:51 a.m.14 views

[SECURITY] Fedora 44 Update: bind-9.18.49-1.fc44

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS5.8AI score0.0181EPSS
Exploits1
osv
osv
added 2026/05/20 1:16 p.m.2 views

CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

5.9CVSS5.9AI score0.01387EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2026/05/20 1:10 p.m.9 views

CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.01387EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/05/20 1:9 p.m.14 views

CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References4
cve
cve
added 2026/05/20 1:9 p.m.112 views

CVE-2026-3039

CVE-2026-3039 affects BIND 9.x when TKEY-based authentication via GSS-API tokens is used; the issue is a memory-exhaustion vulnerability triggered by malicious packets in Active Directory/Kerberos DNS setups. Affected versions span 9.0.0–9.16.50, 9.18.0–9.18.48, 9.20.0–9.20.22, 9.21.0–9.21.21, pl...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder