EUVD-2009-4937

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-5517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receiv...

bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled

A flaw was found in the bind package which may result in a Denial of Service in named process. This is a result of a reachable assertion, leading named to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR...

bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled

A flaw was found in the bind package which may result in a Denial of Service in named process. This is a result of a reachable assertion, leading named to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR...

CVE-2024-21763

When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel TMM to terminate. NOTE: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP AFM Code Issue Vulnerability

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A security vulnerability exists in the F5 BIG-IP AFM that stems from an undisclosed query that could cause the Traffic Management Microkernel TMM to terminate when the BIG-IP AFM appliance DoS or DoS...

DEBIAN-CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

UBUNTU-CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

SUSE CVE-2009-4975

Cross-site scripting XSS vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536...

SUSE CVE-2010-2536

Multiple cross-site scripting XSS vulnerabilities in rekonq 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 a URL associated with a nonexistent domain name, related to webpage.cpp, aka a "universal XSS" issue; 2 unspecified vectors related to webview.cpp; and t...

SUSE CVE-2020-12244

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation...

CVE-2009-4975

Cross-site scripting XSS vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536...

CVE-2009-4976

Cross-site scripting XSS vulnerability in webkitpart.cpp in kwebkitpart allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536...

CVE-2009-4975

Cross-site scripting XSS vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536...

CVE-2010-2536

Multiple cross-site scripting XSS vulnerabilities in rekonq 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 a URL associated with a nonexistent domain name, related to webpage.cpp, aka a "universal XSS" issue; 2 unspecified vectors related to webview.cpp; and t...

CVE-2009-4976

Removed by vendor...

BIND DNSSEC NSEC/NSEC3 validation code could cause bogus NXDOMAIN responses

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records, which allows remote attackers to add the Authenticated Data AD flag to a forged NXDOMAIN response for an existing domain...