Lucene search
+L

168 matches found

Microsoft CVE
Microsoft CVE
added 2026/03/29 8:1 a.m.6 views

Excessive NSEC3 iterations cause high CPU load during insecure delegation validation

...

7.5CVSS5.8AI score0.01545EPSS
Exploits0
Slackware Linux
Slackware Linux
added 2026/03/25 11:59 p.m.9 views

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.47-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix unbounded NSEC3 iterations when validating referrals...

7.5CVSS5.8AI score0.01545EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Fedora 45 : bind / bind-dyndb-ldap (2026-8db2f80244)

The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8db2f80244 advisory. Update to 9.18.47 rhbz2440561 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 Source:...

7.5CVSS6AI score0.01545EPSS
Exploits0References2
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/03/16 12:0 a.m.5 views

Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack

Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC Yuze, and a persistent BYOVD technique leveraging the NSec driver...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/07 12:0 a.m.7 views

Fedora 42 : bind / bind-dyndb-ldap (2026-34c921d252)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-34c921d252 advisory. Update to 9.18.44 rhbz2431609 Security Fixes: - Fix incorrect length checks for BRID and HHIT records. CVE-2025-13878 Bug Fixes: - Allow glue in delegations...

7.5CVSS6AI score0.08219EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/02/05 12:0 a.m.8 views

VulnCheck KEV: CVE-2025-68947

NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver...

5.7CVSS5.8AI score0.00116EPSS
In wildExploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Fedora 44 : bind / bind-dyndb-ldap (2026-925e7cce85)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-925e7cce85 advisory. Update to 9.18.44 rhbz2431609 Security Fixes: - Fix incorrect length checks for BRID and HHIT records. CVE-2025-13878 Bug Fixes: - Allow glue in delegations...

7.5CVSS6AI score0.08219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : dnsmasq-2.79-31.el8_9.2 (AXSA:2024-7620:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7620:02 advisory. dnsmasq: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 dnsmasq: bind9: Preparing an NSEC3 closest encloser proof can...

7.5CVSS7.8AI score0.99995EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : bind9.16-9.16.23-0.16.el8_9.2.ML.1 (AXSA:2024-7685:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7685:01 advisory. bind9: Parsing large DNS messages may cause excessive CPU load CVE-2023-4408 bind9: Querying RFC 1918 reverse zones may cause an assertion failure...

7.5CVSS8.5AI score0.99995EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/01/13 9:19 p.m.5 views

CVE-2025-68947 NSecsoft NSecKrnl process termination privilege escalation

NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver...

5.7CVSS5.8AI score0.00116EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-7327

Malware in sbrugna...

7.5CVSS7.6AI score0.23633EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-6570

Malware in sbrugna...

5.3CVSS5.6AI score0.0263EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-34280

Malicious code in bioql PyPI...

7.5CVSS7.2AI score0.00868EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.8 views

CVE-2023-0853

Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF74...

9.8CVSS9.5AI score0.01163EPSS
Exploits0References1
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/03/04 6:24 a.m.11 views

DNSSEC NSEC. The accidental treasure map to your subdomains

TL;DR: DNSSEC secures DNS but may unintentionally expose domain structures via NSEC/NSEC3 records, enabling zone walking to enumerate subdomains. NSEC openly lists domain names, making enumeration easy. NSEC3 hashes names, making enumeration harder, but attackers can still crack weak...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-15105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prov...

5.3CVSS6AI score0.0263EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/01/06 1:36 p.m.5 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2024/07/22 2:33 p.m.21 views

DNSJava DNSSEC Bypass

Summary Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. Details DNS Messages are not authenticated. They do not guarantee that - received RRs are authentic - not received RRs do not exist - all or any received...

8.9CVSS8.5AI score0.00392EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2024/06/13 2:29 a.m.9 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/06/10 8:16 a.m.9 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
Rows per page
Query Builder