Lucene search
K

43 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.11 views

RockyLinux 9 : bind9.18 (RLSA-2026:24368)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24368 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References5
OSV
OSV
added 2026/06/09 10:8 a.m.14 views

RHSA-2026:24368 Red Hat Security Advisory: bind9.18 security update

Bulletin has no description...

7.5CVSS5.1AI score0.0181EPSS
Exploits0References11
OSV
OSV
added 2026/06/01 11:39 a.m.8 views

BIT-ELK-2026-49093 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access

Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block...

7.7CVSS5.8AI score0.00199EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/20 1:9 p.m.15 views

CVE-2026-3593

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected...

7.4CVSS5.8AI score0.01844EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.8 views

AlmaLinux 9 : bind9.18 (ALSA-2026:7915)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:7915 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.9AI score0.01545EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/04/15 12:3 p.m.9 views

bind9.18 security update

An update is available for bind9.18. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Na...

7.5CVSS7.4AI score0.01545EPSS
Exploits0
EUVD
EUVD
added 2026/04/14 6:30 p.m.5 views

EUVD-2025-209451

A server-side request forgery ssrf vulnerability CWE-918 vulnerability in Fortinet FortiSOAR PaaS 7.6.4, FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.4, FortiSOAR on-premise 7.6.0...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/13 7:40 p.m.5 views

Important: Red Hat Security Advisory: bind9.18 security update

An update for bind9.18 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.5 views

PT-2026-24679

CVE-2025-70027 An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive informati… https://t.co/0CdAjHLKpo...

7.5CVSS5.8AI score0.00272EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/10 2:12 a.m.3 views

CVE-2025-70042

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master...

9.8CVSS5.8AI score0.00332EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/09 12:0 a.m.2 views

CVE-2025-70042

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master...

5.8AI score0.00332EPSS
Exploits0References3
Fedora
Fedora
added 2026/01/27 5:38 a.m.6 views

[SECURITY] Fedora 43 Update: bind-9.18.44-1.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS6.1AI score0.08219EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Fedora 44 : bind / bind-dyndb-ldap (2026-925e7cce85)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-925e7cce85 advisory. Update to 9.18.44 rhbz2431609 Security Fixes: - Fix incorrect length checks for BRID and HHIT records. CVE-2025-13878 Bug Fixes: - Allow glue in delegations...

7.5CVSS6AI score0.08219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.5 views

Slackware Linux 15.0 / current bind Vulnerability (SSA:2026-021-01)

The version of bind installed on the remote host is prior to 9.18.44 / 9.20.18. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-021-01 advisory. New bind packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

7.5CVSS6AI score0.08219EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/15 11:25 p.m.4 views

CVE-2020-36930 SysGauge 7.9.18 - ' SysGauge Server' Unquoted Service Path

SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables...

8.5CVSS7AI score0.00214EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.4 views

Oracle Linux 9 : bind9.18 (ELSA-2025-21111)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21111 advisory. - Fix upstream reported regression in recent CVE fix CVE-2025-8677 - Refuse malformed DNSKEY records CVE-2025-8677 - Address various spoofing attacks...

8.6CVSS6.7AI score0.1096EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.5 views

AlmaLinux 9 : bind9.18 (ALSA-2025:21111)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21111 advisory. bind: Cache poisoning attacks with unsolicited RRs CVE-2025-40778 bind: Cache poisoning due to weak PRNG CVE-2025-40780 bind: Resource exhaustion via...

8.6CVSS6.7AI score0.1096EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/11/19 12:0 a.m.5 views

AlmaLinux 9 : bind9.18 (ALSA-2025:19950)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19950 advisory. bind: Cache poisoning attacks with unsolicited RRs CVE-2025-40778 bind: Cache poisoning due to weak PRNG CVE-2025-40780 bind: Resource exhaustion via...

8.6CVSS6.7AI score0.1096EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/11/12 10:44 a.m.7 views

Important: Red Hat Security Advisory: bind9.18 security update

An update for bind9.18 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.6CVSS6.7AI score0.1096EPSS
Exploits1References4
OSV
OSV
added 2025/11/12 12:0 a.m.7 views

ALSA-2025:21111 Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

8.6CVSS6.7AI score0.1096EPSS
Exploits1References8
Rows per page
Query Builder