54 matches found
EulerOS 2.0 SP12 : unbound (EulerOS-SA-2024-1863)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...
Important: unbound
Issue Overview: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw...
EulerOS 2.0 SP11 : unbound (EulerOS-SA-2024-1794)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound...
unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
Important: unbound
Issue Overview: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw...
unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2024-604)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-604 advisory. A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over...
unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
Important: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default combination ...
OESA-2024-1210 unbound security update
Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards. To help increase online privacy, Unbound supports DNS-over-TLS which allows clients to encrypt their communication. Unbound is available for most...
SUSE CVE-2024-1488
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
CVE-2024-1488
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
CVE-2024-1488
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...
PT-2024-5855 · Nlnet +5 · Unbound +5
Name of the Vulnerable Software and Affected Versions: Unbound affected versions not specified Description: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can conne...
PT-2023-25868 · Unknown · Tekton Pipelines
Name of the Vulnerable Software and Affected Versions: Tekton Pipelines versions 0.35.0 and later Description: The Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user...
SUSE CVE-2018-17188
Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full...
Security update for cacti, cacti-spine (important)
openSUSE Security Update: Security update for cacti, cacti-spine Announcement ID: openSUSE-SU-2020:0284-1 Rating: important References: 1082318 1101024 1101139 1122242 1122243 1122244 1122245 1122535 1158990 1158992 1161297 1163749 Cross-References: CVE-2009-4112 CVE-2018-20723 CVE-2018-20724...
openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-272)
This update for cacti, cacti-spine fixes the following issues : cacti-spine was updated to version 1.2.9. Security issues fixed : - CVE-2009-4112: Fixed a privilege escalation bsc1122535. - CVE-2018-20723: Fixed a cross-site scripting XSS vulnerability bsc1122245. - CVE-2018-20724: Fixed a...