Lucene search
+L

3737 matches found

RedHat Linux
RedHat Linux
added 2026/06/08 3:16 a.m.114 views

bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API Generic Security Service Application Program Interface tokens. This can lead to excessive memory consumption,...

7.5CVSS5.5AI score0.01047EPSS
Exploits0References4
OSV
OSV
added 2026/06/06 6:0 a.m.12 views

RLSA-2026:23360 Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/04 3:27 p.m.14 views

bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API Generic Security Service Application Program Interface tokens. This can lead to excessive memory consumption,...

7.5CVSS5.8AI score0.01047EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/03 2:53 p.m.3 views

postgresql: PostgreSQL: Denial of Service via uncontrolled recursion in SSL/GSS negotiation

A flaw was found in PostgreSQL. Uncontrolled recursion during SSL Secure Sockets Layer and GSS Generic Security Service negotiation allows an attacker to achieve a sustained denial of service. This can be exploited by an attacker with access to a PostgreSQL AFUNIX socket. If SSL and GSS are both...

7.5CVSS6.9AI score0.00471EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.17 views

Ubuntu 25.10 / 26.04 LTS : OpenJDK 26 vulnerabilities (USN-8341-1)

The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8341-1 advisory. Thomas Beckers discovered that the JAXP component of OpenJDK 26 did not correctly authenticate certain APIs. A remote unauthenticated attacker...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.20 views

Ubuntu 25.10 / 26.04 LTS : CRaC JDK 25 vulnerabilities (USN-8334-1)

The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8334-1 advisory. Thomas Beckers discovered that the JAXP component of CRaC JDK 25 did not correctly authenticate certain APIs. A remote unauthenticated attacker...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References10
OSV
OSV
added 2026/05/28 3:51 p.m.16 views

USN-8339-1 openjdk-25 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 25 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References10
OSV
OSV
added 2026/05/28 12:5 p.m.19 views

USN-8334-1 openjdk-25-crac vulnerabilities

Thomas Beckers discovered that the JAXP component of CRaC JDK 25 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of CRa...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References10
OSV
OSV
added 2026/05/28 12:1 p.m.21 views

USN-8333-1 openjdk-21-crac vulnerabilities

Thomas Beckers discovered that the JAXP component of CRaC JDK 21 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of CRa...

7.5CVSS5.8AI score0.00702EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2026/05/28 11:45 a.m.27 views

USN-8331-1: OpenJDK 11 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 11 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

7.5CVSS7.2AI score0.00702EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/05/28 11:38 a.m.34 views

USN-8330-1: OpenJDK 8 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 8 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the JSSE component of OpenJDK 8 d...

7.5CVSS7.2AI score0.00702EPSS
Exploits0
OSV
OSV
added 2026/05/28 6:12 a.m.19 views

USN-8327-1 openjdk-17 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 17 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

7.5CVSS5.9AI score0.00702EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/05/27 12:18 p.m.10 views

CVE-2026-45964

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

5.5CVSS5.7AI score0.0016EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/26 11:31 p.m.2 views

postgresql: PostgreSQL: Denial of Service via uncontrolled recursion in SSL/GSS negotiation

A flaw was found in PostgreSQL. Uncontrolled recursion during SSL Secure Sockets Layer and GSS Generic Security Service negotiation allows an attacker to achieve a sustained denial of service. This can be exploited by an attacker with access to a PostgreSQL AFUNIX socket. If SSL and GSS are both...

7.5CVSS6.9AI score0.00471EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/26 9:0 a.m.20 views

CVE-2026-42002

A flaw was found in pdns-recursor. Concurrency and locking defects in the Generic Security Service Algorithm for Secret Key Transaction Signatures GSS-TSIG could allow a remote attacker to cause a denial of service...

7.5CVSS5.8AI score0.00264EPSS
Exploits0References2
Redos
Redos
added 2026/05/24 12:0 a.m.58 views

ROS-20260524-73-0009

A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...

5.3CVSS7.2AI score0.0028EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/23 8:1 a.m.19 views

BIND 9 server memory exhaustion during GSS-API TKEY negotiation

...

7.5CVSS5.8AI score0.01047EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/21 12:37 p.m.11 views

CVE-2026-3039

A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API Generic Security Service Application Program Interface tokens. This can lead to excessive memory consumption,...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 9:27 a.m.11 views

EUVD-2026-31260

Concurrency and locking defects in GSS-TSIG...

5.9CVSS5.8AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 1:9 p.m.96 views

CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS0.01047EPSS
Exploits0References4
Rows per page
Query Builder