CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1467 matches found

Amazon•added 2020/06/03 12:0 a.m.•68 views

Important: bind

Issue Overview: A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to proces...

8.6CVSS6.9AI score0.92629EPSS

Exploits6

RedHat Linux•added 2020/06/01 4:19 p.m.•2 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector...

8.6CVSS6.7AI score0.1534EPSS

Exploits1References6

RedHat Linux•added 2020/06/01 9:40 a.m.•1 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

8.6CVSS6.7AI score0.1534EPSS

Exploits1References6

RedHat Linux•added 2020/05/28 6:50 p.m.•5 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

8.6CVSS6.7AI score0.1534EPSS

Exploits1References6

Hacker One•added 2020/05/25 12:52 p.m.•36 views

U.S. Dept Of Defense: XSS via X-Forwarded-Host header

Summary: The █████ website is vulnerable to a cross-site scripting flaw if the server receives a crafted X-Forwarded-Host header. Description: The server reads data directly from the HTTP request and reflects it back in the HTTP response. Reflected XSS exploits occur when an attacker causes a...

5.5AI score

Exploits0

Ubuntu•added 2020/05/20 6:10 p.m.•126 views

USN-4365-2: Bind vulnerabilities

USN-4365-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly...

8.6CVSS6.9AI score0.92629EPSS

Exploits6

OSV•added 2020/05/20 6:10 p.m.•1 views

USN-4365-2 bind9 vulnerabilities

8.6CVSS6.8AI score0.92629EPSS

Exploits6References3

OpenVAS•added 2020/05/20 12:0 a.m.•43 views

Ubuntu: Security Advisory (USN-4365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.7AI score0.92629EPSS

Exploits6References2

Tenable Nessus•added 2020/05/20 12:0 a.m.•49 views

Debian DSA-4689-1 : bind9 - security update

Several vulnerabilities were discovered in BIND, a DNS server implementation. - CVE-2019-6477 It was discovered that TCP-pipelined queries can bypass tcp-client limits resulting in denial of service. - CVE-2020-8616 It was discovered that BIND does not sufficiently limit the number of fetches...

8.6CVSS6.5AI score0.92629EPSS

Exploits6References11

OSV•added 2020/05/19 2:15 p.m.•0 views

DEBIAN-CVE-2020-8616

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...

8.6CVSS6.4AI score0.1534EPSS

Exploits1References1

NVD•added 2020/05/19 2:15 p.m.•23 views

CVE-2020-8616

8.6CVSS8.5AI score0.1534EPSS

Exploits1References13

OSV•added 2020/05/19 2:15 p.m.•1 views

ALPINE-CVE-2020-8616

8.6CVSS6.9AI score0.1534EPSS

Exploits1References1

OSV•added 2020/05/19 2:15 p.m.•24 views

CVE-2020-8616

8.6CVSS8.4AI score0.1534EPSS

Exploits1References13

Prion•added 2020/05/19 2:15 p.m.•39 views

Design/Logic Flaw

5CVSS8.2AI score0.1534EPSS

Exploits1References13Affected Software2

CVE•added 2020/05/19 2:5 p.m.•1069 views

CVE-2020-8616

CVE-2020-8616 (ISC BIND): A denial-of-service exists due to failure to limit the number of fetches when processing referrals. A remote attacker can craft referrals to cause a recursing server to perform a very large number of fetches, degrading performance and enabling potential reflection attack...

8.6CVSS8.7AI score0.1534EPSS

Exploits1References13Affected Software1

AlpineLinux•added 2020/05/19 2:5 p.m.•52 views

CVE-2020-8616

8.6CVSS8.8AI score0.1534EPSS

Exploits1

Debian CVE•added 2020/05/19 2:5 p.m.•40 views

CVE-2020-8616

8.6CVSS6.4AI score0.1534EPSS

Exploits1

OSV•added 2020/05/19 11:43 a.m.•2 views

USN-4365-1 bind9 vulnerabilities

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. CVE-2020-8616 Tobias...

8.6CVSS6.8AI score0.92629EPSS

Exploits6References3

Ubuntu•added 2020/05/19 11:43 a.m.•120 views

USN-4365-1: Bind vulnerabilities

8.6CVSS6.8AI score0.92629EPSS

Exploits6

Positive Technologies•added 2020/05/19 12:0 a.m.•2 views

PT-2020-3611

Name of the Vulnerable Software and Affected Versions BIND versions prior to the fixed version Windows DNS Server affected versions not specified PowerDNS Recursor affected versions not specified Description The issue is related to a lack of effective limitation on the number of fetches performed...

9.8CVSS7.6AI score0.92629EPSS

Exploits13References171

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by