Lucene search
K

274 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : bind (EulerOS-SA-2026-2475)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...

7.5CVSS6.1AI score0.01545EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 2:16 p.m.7 views

CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS0.00352EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 1:1 p.m.5 views

CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/25 1:1 p.m.10 views

CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/22 1:55 p.m.33 views

CVE-2026-12725 Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply su...

5.9CVSS0.00406EPSS
Exploits0References2
CVE
CVE
added 2026/06/22 1:55 p.m.22 views

CVE-2026-12725

CVE-2026-12725 affects dnsmasq. The flaw is a heap-based buffer overflow in the log_query() path when DNSSEC validation and query logging are both enabled and DNS responses contain DS/DNSKEY records with unsupported algorithm or digest types. This can cause dnsmasq to write past the end of an int...

5.9CVSS6.1AI score0.00406EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2026:2458-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2458-1 advisory. This update for dnsmasq fixes the following issues - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or...

8.8CVSS7.5AI score0.07237EPSS
Exploits4References22
OSV
OSV
added 2026/06/18 3:54 p.m.4 views

SUSE-SU-2026:2458-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds read...

8.8CVSS6.2AI score0.07237EPSS
Exploits4References15
OSV
OSV
added 2026/06/18 2:32 p.m.2 views

SUSE-SU-2026:22213-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.5AI score0.01272EPSS
Exploits0References23
OSV
OSV
added 2026/06/18 2:31 p.m.2 views

OPENSUSE-SU-2026:21083-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.4AI score0.01272EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

SUSE SLES15 Security Update : unbound (SUSE-SU-2026:2369-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2369-1 advisory. This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278:...

10CVSS6.7AI score0.01272EPSS
Exploits0References34
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.13 views

EulerOS Virtualization 2.13.0 : bind (EulerOS-SA-2026-2395)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/06/11 12:22 p.m.6 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
OSV
OSV
added 2026/06/11 12:22 p.m.4 views

SUSE-SU-2026:2369-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: 'Ghost domain name' variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.2AI score0.01272EPSS
Exploits0References23
OSV
OSV
added 2026/06/11 12:3 p.m.5 views

RLSA-2026:24369 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

8.1CVSS5.6AI score0.01272EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

Debian dla-4625 : dnsmasq - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4625 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4625-1 [email protected]...

8.8CVSS5.9AI score0.07237EPSS
Exploits3References12
Debian
Debian
added 2026/06/10 11:15 a.m.8 views

[SECURITY] [DLA 4625-1] dnsmasq security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4625-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout June 10, 2026 https://wiki.debian.org/LTS -...

8.8CVSS5.9AI score0.07237EPSS
Exploits3
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.6 views

FreeBSD -- Multiple vulnerabilities in unbound

Problem Description: Multiple vulnerabilities have been reported in Unbound. Instead of listing detailed writeups for each issue, please see the upstream advisories referenced below. CVE-2026-32792: Packet of death with DNSCrypt CVE-2026-33278: Possible remote code execution during DNSSEC...

10CVSS6.3AI score0.01272EPSS
Exploits0
OSV
OSV
added 2026/06/08 1:17 p.m.13 views

USN-8402-1 systemd vulnerabilities

It was discovered that systemd-nspawn incorrectly handled certain optional configuration files. A local attacker could possibly use this issue to escape to the host system and execute arbitrary code. CVE-2026-40226 It was discovered that systemd-resolved incorrectly validated DNSSEC records for...

6.4CVSS6.9AI score0.00849EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/06/05 12:12 p.m.10 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
Rows per page
Query Builder