CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/02/14 12:11 p.m.•1 views

OESA-2025-1105 bind security update

F5 Networks•added 2025/02/14 12:39 a.m.•14 views

K000149797: BIND vulnerability CVE-2024-12705

Security Advisory Description Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 throug...

7.5CVSS7.3AI score0.05622EPSS

Tenable Nessus•added 2025/02/12 12:0 a.m.•8 views

Fedora 41 : bind / bind-dyndb-ldap (2025-3551f3ba1b)

The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-3551f3ba1b advisory. Update to 9.16.33 2342784 Security Fixes: - DNS-over-HTTPS flooding fixes. CVE-2024-12705 - Limit additional section processing for large RDATA sets...

Tenable Nessus•added 2025/02/10 12:0 a.m.•11 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2025:0355-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0355-1 advisory. Update to release 9.18.33 Security Fixes: - CVE-2024-11187: Fixes CPU exhaustion caused by many...

OSV•added 2025/02/05 7:51 p.m.•7 views

Exploits0References7

MGASA-2025-0036 Updated bind packages fix security vulnerabilities

Many records in the additional section cause CPU exhaustion. CVE-2024-11187 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load. CVE-2024-12705...

7.5CVSS7.3AI score0.05622EPSS

Mageia•added 2025/02/05 7:51 p.m.•10 views

Updated bind packages fix security vulnerabilities

Many records in the additional section cause CPU exhaustion. CVE-2024-11187 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load. CVE-2024-12705...

Amazon•added 2025/02/05 12:0 a.m.•5 views

Exploits0References2

Important: bind

Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...

7.5CVSS8AI score0.05622EPSS

Amazon•added 2025/02/05 12:0 a.m.•3 views

Important: bind

SUSE Linux•added 2025/02/04 12:59 p.m.•2 views

Security update for bind

This update for bind fixes the following issues: Update to release 9.18.33 Security Fixes: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when under heavy query load bsc1236597...

8.7CVSS8AI score0.05622EPSS

Exploits0References8

OSV•added 2025/02/04 12:59 p.m.•3 views

SUSE-SU-2025:0355-1 Security update for bind

This update for bind fixes the following issues: Update to release 9.18.33 Security Fixes: - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 - CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when under heavy query load...

7.5CVSS7.8AI score0.05622EPSS

Exploits0References5

Amazon•added 2025/02/04 12:0 a.m.•2 views

Important: bind

Tenable Nessus•added 2025/02/04 12:0 a.m.•19 views

Amazon Linux 2 : bind (ALAS-2025-2751)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2751 advisory. It is possible to construct a zone such that some queries to it will generate responses containing numerous records in t...