CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

861 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•8 views

Astra Linux – Vulnerability in bind9

In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and...

9.8CVSS8.9AI score0.83406EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the loop termination condition in gssfreeintokenpages. The intoken-pages array is not NULL-terminated. This results in the following KASAN issue: KASAN: Potential wild-memory-access in the range...

5.5CVSS6.3AI score0.00269EPSS

Exploits0References2

Tenable Nessus•added 2026/06/14 12:0 a.m.•7 views

SUSE SLED15 / SLES15 Security Update : mutt (SUSE-SU-2026:2301-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2301-1 advisory. This update for mutt fixes the following issues - CVE-2026-43859: strfcpy used instead of memcpy for the IMAP...

3.7CVSS5.4AI score0.00201EPSS

Exploits0References20

Tenable Nessus•added 2026/06/12 12:0 a.m.•11 views

AlmaLinux 9 : kernel (ALSA-2026:24381)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24381 advisory. kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786...

8.1CVSS6.9AI score0.00378EPSS

Exploits4References5

Tenable Nessus•added 2026/06/12 12:0 a.m.•9 views

EulerOS Virtualization 2.13.1 : openssh (EulerOS-SA-2026-2382)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjuncti...

8.1CVSS7.2AI score0.01962EPSS

Exploits0References7

OSV•added 2026/06/11 6:0 a.m.•7 views

RLSA-2026:24339 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.00966EPSS

Exploits0References3

Tenable Nessus•added 2026/06/11 12:0 a.m.•11 views

RockyLinux 10 : bind (RLSA-2026:24338)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24338 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

7.5CVSS5.5AI score0.00966EPSS

Exploits0References5

Tenable Nessus•added 2026/06/11 12:0 a.m.•8 views

RockyLinux 9 : bind9.18 (RLSA-2026:24368)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24368 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

7.5CVSS5.5AI score0.00966EPSS

Exploits0References5

RedHat Linux•added 2026/06/09 1:12 a.m.•9 views

krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of...

5.9CVSS5.5AI score0.0046EPSS

Exploits0References7

SUSE Linux•added 2026/06/08 1:54 p.m.•7 views

Security update for mutt

This update for mutt fixes the following issues CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. CVE-2026-43861: missing check for \0 in urlpctdecode bsc1263895...

6.9CVSS5.4AI score0.00201EPSS

Exploits0References26

Amazon•added 2026/06/08 12:0 a.m.•8 views

Important: bind

Issue Overview: Fix GSS-API resource leak CVE-2026-3039 An unauthenticated remote attacker can crash any affected named instance with a single crafted DNS message, causing denial of service. Both authoritative servers and resolvers are affected. CVE-2026-5946 Affected Packages: bind Note: This...

7.5CVSS5.5AI score0.00966EPSS

Exploits0

Tenable Nessus•added 2026/06/08 12:0 a.m.•8 views

AlmaLinux 10 : bind (ALSA-2026:24338)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24338 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

7.5CVSS5.6AI score0.00966EPSS

Exploits0References4

Tenable Nessus•added 2026/06/08 12:0 a.m.•9 views

RHEL 9 : bind (RHSA-2026:24367)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24367 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

7.5CVSS5.6AI score0.00966EPSS

Exploits0References6

Tenable Nessus•added 2026/06/08 12:0 a.m.•14 views

Amazon Linux 2 : bind, --advisory ALAS2-2026-3321 (ALAS-2026-3321)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3321 advisory. Fix GSS-API resource leak CVE-2026-3039 An unauthenticated remote attacker can crash any affected named instance with a...

7.5CVSS5.6AI score0.00966EPSS

Exploits0References6

Tenable Nessus•added 2026/06/06 12:0 a.m.•7 views

RockyLinux 8 : bind9.16 (RLSA-2026:23360)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:23360 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

7.5CVSS5.6AI score0.00966EPSS

Exploits0References5

Tenable Nessus•added 2026/06/05 12:0 a.m.•10 views

Oracle Linux 8 : bind9.16 (ELSA-2026-23360)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-23360 advisory. - Fix GSS-API resource leak CVE-2026-3039 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

7.5CVSS5.6AI score0.00966EPSS

Exploits0References3

RedHat Linux•added 2026/06/04 3:27 p.m.•10 views

Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.00966EPSS

Exploits0References3