2634 matches found
Ubuntu: Security Advisory (USN-7759-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ISC BIND Cache-Poisoning Vulnerability (CVE-2025-40776, Birthday Attack) - Linux
ISC BIND is prone to a cache-poisoning vulnerability Birthday Attack against Resolvers supporting ECS. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
ISC BIND Cache-Poisoning Vulnerability (CVE-2025-40776, Birthday Attack) - Windows
ISC BIND is prone to a cache-poisoning vulnerability Birthday Attack against Resolvers supporting ECS. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
ISC BIND DoS Vulnerability (CVE-2025-40777) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...
ISC BIND DoS Vulnerability (CVE-2025-40777) - Windows
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...
CVE-2025-40776
A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
TencentOS Server 4: dhcp (TSSA-2025:0066)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0066 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
FreeBSD : ISC KEA -- Multiple vulnerabilities (34744aab-3bf7-11f0-b81c-001b217e4ee5)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 34744aab-3bf7-11f0-b81c-001b217e4ee5 advisory. Internet Systems Consortium, Inc. reports: Tenable has extracted the preceding description blo...
ISC KEA -- Multiple vulnerabilities
Internet Systems Consortium, Inc. reports: Loading a malicious hook library can lead to local privilege escalation https://kb.isc.org/docs/cve-2025-32801 Insecure handling of file paths allows multiple local attacks https://kb.isc.org/docs/cve-2025-32802 Insecure file permissions can result in...
CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
ISC BIND DoS Vulnerability (CVE-2025-40775) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...
ISC BIND DoS Vulnerability (CVE-2025-40775) - Windows
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...
Security Bulletin: AIX/VIOS is vulnerable to a denial of service due to ISC BIND
Summary Vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service CVE-2024-12705, CVE-2024-11187. AIX uses ISC BIND as as part of its DNS functions. Vulnerability Details CVEID:CVE-2024-12705 DESCRIPTION: Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's C...
AIX is vulnerable to a denial of service due to ISC BIND
IBM SECURITY ADVISORY First Issued: Tue May 20 08:16:08 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/bindadvisory28.asc Security Bulletin: AIX is vulnerable to a denial of service due to ISC BIND...
Alibaba Cloud Linux 3 : 0041: dhcp (ALINUX3-SA-2021:0041)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0041 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-25217: In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R1...
Alibaba Cloud Linux 3 : 0058: dhcp (ALINUX3-SA-2023:0058)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0058 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2928: In ISC DHCP 4.4.0 - 4.4.3,...
Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
Summary LibTIFF is used by IBM Robotic Process Automation for Cloud Pak as part of the .NET Core and Watson NLP CVE-2022-48281, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, . ncurses is used by IBM Robotic Process Automation for Cloud Pak as part of base container...
Security Bulletin: IBM Spectrum Symphony with ISC BIND is vulnerable to a denial of service
Summary IBM Spectrum Symphony with ISC BIND is vulnerable to a denial of service Vulnerability Details CVEID:CVE-2022-3488 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error related to the processing of repeated responses to the same query, where both responses contain...
Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2021-25220 DESCRIPTION: ISC BIND could allow a remote attacker to bypass...