7678 matches found
Important: bind
Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...
Important: bind
Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...
Security update for bind
This update for bind fixes the following issues: Update to release 9.18.33 Security Fixes: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when under heavy query load bsc1236597...
SUSE-SU-2025:0355-1 Security update for bind
This update for bind fixes the following issues: Update to release 9.18.33 Security Fixes: - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 - CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when under heavy query load...
Amazon Linux 2 : bind (ALAS-2025-2751)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2751 advisory. It is possible to construct a zone such that some queries to it will generate responses containing numerous records in t...
Important: bind
Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...
Exploit for Path Traversal in Apache Http_Server
SSH Key and RCE PoC for CVE-2021-41773 This repository contai...
CVE-2024-23928
CVE-2024-23928 affects Pioneer DMH-WT7600NEX telematics over HTTPS, due to improper validation of the server certificate. This enables network-adjacent attackers (no authentication required) to compromise the integrity of downloaded information and, in combination with other vulnerabilities, exec...
ISC BIND DoS Vulnerability (CVE-2024-12705) - Linux
ISC BIND is prone to a denial of service DoS vulnerability in the DNS-over-HTTPS implementation. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
CVE-2024-12705
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
CVE-2024-12705
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
CVE-2024-12705
A flaw was found in BIND 9. By flooding a target resolver with HTTP/2 traffic and exploiting this flaw, an attacker could overwhelm the server, causing high CPU and/or memory usage and preventing other clients from establishing DoH connections. This issue could significantly impair the resolver's...
CVE-2024-12705 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
CVE-2024-12705 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
CVE-2024-12705
CVE-2024-12705 affects BIND’s DNS-over-HTTPS (DoH) implementation. Under crafted HTTP/2 traffic, a resolver can experience CPU/memory exhaustion, leading to denial of service. Affected: BIND 9.18.0–9.18.32, 9.20.0–9.20.4, 9.21.0–9.21.3 (and 9.18.11-S1–9.18.32-S1). Impact: potential DoS impacting ...
CVE-2024-12705
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
CVE-2024-12705
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
CVE-2024-48849
Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficient to prevent unauthorized HTTPS requests. This issue affects FLXEON: through = 9.3.4...
CVE-2024-48852 Information disclosures
Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access. This issue affects FLXEON through = 9.3.4...
CVE-2024-48852
CVE-2024-48852 affects ABB FLXeon (