Lucene search
K

32 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in bind9

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode the available memory to the point where named crashes occur due to lack of resources...

7.5CVSS7.5AI score0.02299EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.2 views

MiracleLinux 3 : openssl-0.9.8b-10.1AXS3.1 (AXSA:2009-13:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-13:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

5.8CVSS7.5AI score0.05146EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.6 views

MiracleLinux 3 : dbus-1.0.0-7AXS3.1 (AXSA:2009-08:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-08:01 advisory. D-BUS is a system for sending messages between applications. It is used both for the systemwide message bus service, and as a per-user-login-session messaging...

2.1CVSS6.9AI score0.04623EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-7711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures...

7.5CVSS7.1AI score0.01755EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/16 6:36 p.m.78 views

Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795)

Summary UPDATED May 17 Corrected the affected fileset levels for AIX 7.2 TL5 and removed bos.net.tcp.bind 7.2.5.200.: A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795. AIX uses ISC BIND as part of i...

7.5CVSS7.1AI score0.02299EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/01/10 3:42 p.m.4 views

dotnet: X509 Certificates - Validation Bypass across Azure

A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw. An attacker could present an arbitrary untrusted certificate with malformed signatures, triggerin...

9.8CVSS6AI score0.02778EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/05/16 12:0 a.m.39 views

EulerOS Virtualization 2.10.1 : dhcp (EulerOS-SA-2023-1886)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance,...

7.5CVSS6.8AI score0.02299EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.9 views

SUSE CVE-2009-0049

Belgian eID middleware eidlib 2.6.0 and earlier does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

5CVSS7.6AI score0.01185EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.5 views

SUSE CVE-2019-14853

An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service...

5.3CVSS6.6AI score0.02505EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-38178

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.7AI score0.02176EPSS
Exploits0References14
OSV
OSV
added 2022/10/14 11:4 a.m.3 views

OESA-2022-1982 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

8.2CVSS8.9AI score0.02299EPSS
Exploits0References6
OSV
OSV
added 2022/10/14 11:4 a.m.5 views

OESA-2022-1981 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

8.2CVSS8.9AI score0.02299EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/10/05 12:0 a.m.54 views

Oracle Linux 9 : bind (ELSA-2022-6763)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6763 advisory. - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 Tenable has extracted the preceding...

7.5CVSS7AI score0.02299EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/10/04 4:6 p.m.8 views

bind: memory leaks in EdDSA DNSSEC verification code

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS7.2AI score0.02176EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/10/04 3:45 p.m.3 views

bind: memory leak in ECDSA DNSSEC verification code

A flaw was found in the Bind package. By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program...

7.5CVSS7.1AI score0.02299EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/10/03 3:30 p.m.4 views

bind: memory leak in ECDSA DNSSEC verification code

A flaw was found in the Bind package. By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program...

7.5CVSS7.1AI score0.02299EPSS
Exploits0References5
OSV
OSV
added 2022/09/21 11:15 a.m.6 views

AZL-39989 CVE-2022-38178 affecting package dhcp for versions less than 4.4.3-2

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS6.7AI score0.02176EPSS
Exploits0References1
OSV
OSV
added 2022/09/21 11:15 a.m.3 views

DEBIAN-CVE-2022-38177

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.7AI score0.02299EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/21 10:15 a.m.17 views

CVE-2022-38178 Memory leaks in EdDSA DNSSEC verification code

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.6AI score0.02176EPSS
Exploits0References9
Cvelist
Cvelist
added 2022/09/21 10:15 a.m.66 views

CVE-2022-38177 Memory leak in ECDSA DNSSEC verification code

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.8AI score0.02299EPSS
Exploits0References9
Rows per page
Query Builder