MiracleLinux 9 : bind9.18-9.18.29-1.el9_5.1 (AXSA:2025-9706:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9706:01 advisory. bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187 bind: bind9: DNS-over-HTTPS implementation suffers from...

EUVD-2023-54109

Malicious code in bioql PyPI...

CVE-2025-40802

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial of service, with the system recovering onc...

PT-2025-36685

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RST2428P 6GK6242-6PA00 affected versions not specified Description: A vulnerability exists that may cause resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial...

bind9.18 security update

32:9.18.29-1.el95.1 - Fix CVE-2024-11187 bind: bind9: Many records in the additional section cause CPU exhaustion - Fix CVE-2024-12705 bind: bind9: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load...

MGASA-2025-0036 Updated bind packages fix security vulnerabilities

Many records in the additional section cause CPU exhaustion. CVE-2024-11187 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load. CVE-2024-12705...

Updated bind packages fix security vulnerabilities

Many records in the additional section cause CPU exhaustion. CVE-2024-11187 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load. CVE-2024-12705...

CVE-2024-12705

Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...

K000137038: BIND vulnerability CVE-2023-4236

Security Advisory Description A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9...

CVE-2023-4236

A flaw was found in the Bind package. The networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. A named instance vulnerable t...

Design/Logic Flaw

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

CVE-2022-37734

graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9...

CVE-2019-6477

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to...

Debian DSA-3203-1 : tor - security update

Several denial-of-service issues have been discovered in Tor, a connection-based low-latency anonymous communication system. - Jowr discovered that very high DNS query load on a relay could trigger an assertion error. - A relay could crash with an assertion error if a buffer of exactly the wrong...

[SECURITY] [DLA 178-1] tor security update

Package : tor Version : 0.2.4.26-1deb6u1 Several issues have been discovered and fixed in Tor, a connection-based low-latency anonymous communication system. o Jowr discovered that very high DNS query load on a relay could trigger an assertion error. o A relay could crash with an assertion error ...

DSA-2517-1 bind9 - denial of service

Bulletin has no description...