141 matches found
CVE-2026-12969
An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...
CVE-2026-12969
An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...
CVE-2026-12969
Dnsmasq has an out-of-bounds read in find_soa() (src/rfc1035.c) when parsing NS records; extract_name() is called with extrabytes=0 and does not validate that 10 extra bytes exist for fixed-length DNS fields. A remote attacker controlling a DNS zone could exploit a crafted NXDOMAIN response to pe...
EUVD-2020-6135
Malware in sbrugna...
EUVD-2016-10579
Malware in sbrugna...
EUVD-2020-4559
Malware in sbrugna...
EUVD-2019-16028
Malware in sbrugna...
EUVD-2017-6570
Malware in sbrugna...
EUVD-2010-0129
Malware in sbrugna...
EUVD-2016-2383
Malware in sbrugna...
EUVD-2019-2213
Malware in sbrugna...
EUVD-2003-1122
Malware in sbrugna...
EUVD-2023-57830
Malicious code in bioql PyPI...
EUVD-2024-19377
Malicious code in bioql PyPI...
CLSA-2025-1739386415 bind: Fix of 3 CVEs
CVE-2023-5517: fix a flaw causing named to crash with an assertion failure when nxdomain-redirect is set, and a PTR query for an RFC 1918 address returns NXDOMAIN - CVE-2023-5679: fix a crash in named due to an assertion failure during recursive resolution when both DNS64 and serve-stale are...
SUSE-SU-2024:2033-1 Security update for bind
This update for bind fixes the following issues: - CVE-2023-4408: Fixed denial of service during DNS message parsing with different names bsc1219851 - CVE-2023-50387: Fixed denial of service during DNS messages validation with DNSSEC signatures bsc1219823 - CVE-2023-50868: Fixed denial of service...
SUSE SLED15: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2024:1982-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1982-1 advisory. - CVE-2023-4408: Fixed denial of service during DNS message parsing with different names bsc1219851 -...
SUSE-SU-2024:1982-1 Security update for bind
This update for bind fixes the following issues: - CVE-2023-4408: Fixed denial of service during DNS message parsing with different names bsc1219851 - CVE-2023-50387: Fixed denial of service during DNS messages validation with DNSSEC signatures bsc1219823 - CVE-2023-50868: Fixed denial of service...
bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled
A flaw was found in the bind package which may result in a Denial of Service in named process. This is a result of a reachable assertion, leading named to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR...
bind security update
bind 32:9.16.23-14.4 - Rebuild with correct z-stream tag again 32:9.16.23-14.3 - Rebuild together with bind-dyndb-ldap to adjust ABI changes 32:9.16.23-14.2 - Import tests for large DNS messages fix - Add downstream change complementing CVE-2023-50387 32:9.16.23-14.1 - Prevent increased CPU load ...