Lucene search
K

2993 matches found

OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.15 views

Fedora: Security Advisory (FEDORA-2024-9df760819c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01729EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.16 views

Fedora: Security Advisory for unbound (FEDORA-2024-5bfa220621)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02516EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.14 views

Fedora: Security Advisory (FEDORA-2024-68626e0eb5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01729EPSS
Exploits0References4
Fedora
Fedora
added 2024/05/23 1:14 a.m.14 views

[SECURITY] Fedora 39 Update: unbound-1.20.0-1.fc39

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

7.5CVSS6.6AI score0.01729EPSS
Exploits0
Fedora
Fedora
added 2024/05/23 1:9 a.m.21 views

[SECURITY] Fedora 40 Update: unbound-1.20.0-1.fc40

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

7.5CVSS6.6AI score0.01729EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/05/23 12:0 a.m.7 views

The vulnerability of the Unbound DNS server lies in its ability to generate a burst of requests to the server using responses from DNS resolvers. This allows a hacker to execute a DDoS attack by utilizing DNS traffic.

The vulnerability of the Unbound DNS server relates to the possibility of generating an impulsive flow of numerous requests to the server, using responses from DNS resolvers. Exploiting this vulnerability allows a malicious actor to carry out a DDoS attack by utilizing DNS traffic...

5.9CVSS6.7AI score0.01729EPSS
Exploits0References14Affected Software5
RedHat Linux
RedHat Linux
added 2024/05/22 11:45 a.m.8 views

dnspython: denial of service in stub resolver

The dnspython stub resolver is vulnerable to a denial of service DoS risk if an attacker sends a malicious response forged with the correct address and port before a legitimate one arrives on the UDP port used by dnspython for the query. In such cases, dnspython could either switch to another...

7CVSS7.4AI score0.01857EPSS
Exploits1References5
AlmaLinux
AlmaLinux
added 2024/05/22 12:0 a.m.55 views

Moderate: python-dns security update

The python-dns package contains the dnslib module that implements a DNS client and additional modules that define certain symbolic constants used by DNS, such as dnstype, dnsclass and dnsopcode. Security Fixes: dnspython: denial of service in stub resolver CVE-2023-29483 For more details about th...

7CVSS6.8AI score0.01857EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/05/21 3:3 p.m.23 views

CVE-2021-47360 binder: make sure fd closes complete

In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...

6.4AI score0.0025EPSS
Exploits0References4
Amazon
Amazon
added 2024/05/20 12:0 a.m.3 views

Important: unbound

Issue Overview: An issue was discovered in some DNS recursive resolvers that allows remote attackers to cause a denial of service using a maliciously designed authority and response amplification. CVE-2024-33655 Affected Packages: unbound Note: This advisory is applicable to Amazon Linux 2 -...

7.5CVSS7AI score0.01729EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/05/17 3:15 p.m.23 views

CVE-2023-52674

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp in scarlett2mixerctlput Ensure the value passed to scarlett2mixerctlput is between 0 and SCARLETT2MIXERMAXVALUE so we don't attempt to access outside scarlett2mixervalues...

5.5CVSS6.3AI score0.00235EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2024/05/16 5:40 p.m.7 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/05/15 11:35 a.m.4 views

c-ares: Out of bounds read in ares__read_line()

A vulnerability was found in c-ares where the aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.22.0, the /etc/hosts file. If the configuration files have an embedded NULL character ...

5.5CVSS6.8AI score0.00349EPSS
Exploits0References5
Amazon
Amazon
added 2024/05/15 12:0 a.m.28 views

Important: unbound

Issue Overview: An issue was discovered in some DNS recursive resolvers that allows remote attackers to cause a denial of service using a maliciously designed authority and response amplification. CVE-2024-33655 Affected Packages: unbound Note: This advisory is applicable to Amazon Linux 2 AL2 Co...

7.5CVSS6.1AI score0.01729EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/05/07 7:34 a.m.6 views

bind: processing large delegations may severely degrade resolver performance

A flaw was found in bind. When flooding the target resolver with special queries, an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service...

5.3CVSS7.2AI score0.01495EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/05/07 12:0 a.m.60 views

RHEL 8 : bind and dhcp (RHSA-2024:2720)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2720 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

7.5CVSS7AI score0.99995EPSS
Exploits1References14
OSV
OSV
added 2024/05/06 1:4 p.m.19 views

RLSA-2024:1751 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default combination ...

8CVSS6.9AI score0.00318EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/05/06 1:15 a.m.5 views

unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

8CVSS6.6AI score0.00318EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/06 1:15 a.m.7 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/05/06 1:15 a.m.38 views

Important: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

8CVSS6.9AI score0.99995EPSS
Exploits1References4
Rows per page
Query Builder