Lucene search
+L

198 matches found

OSV
OSV
added 2026/05/20 12:0 a.m.7 views

UBUNTU-CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

10CVSS6.5AI score0.01272EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/19 9:55 p.m.11 views

dnsmasq: NSEC bitmap parsing infinite loop

A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...

7.5CVSS5.8AI score0.07237EPSS
Exploits0References5
OSV
OSV
added 2026/05/19 5:1 p.m.9 views

MGASA-2026-0152 Updated bind packages fix security vulnerabilities

It was discovered that bind contained a vulnerability where a Malformed BRID/HHIT record can cause named to terminate unexpectedly CVE-2025-13878. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-on...

7.5CVSS7.5AI score0.08219EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/19 1:47 p.m.40 views

CVE-2026-45557 Technitium DNS Server excessive DNSSEC requests

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS0.00389EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.20 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: bind (UTSA-2026-021471)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021471 advisory. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/11 8:26 p.m.10 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/11 8:0 p.m.17 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References8
OSV
OSV
added 2026/05/11 6:16 p.m.12 views

ALPINE-CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

7.5CVSS5.8AI score0.07237EPSS
Exploits0References1
NVD
NVD
added 2026/05/11 6:16 p.m.16 views

CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

7.5CVSS0.06226EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2026/05/11 4:47 p.m.21 views

CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

7.5CVSS5.8AI score0.06226EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:47 p.m.8 views

CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

7.5CVSS5.8AI score0.07237EPSS
Exploits0References8
OSV
OSV
added 2026/05/11 12:0 p.m.11 views

UBUNTU-CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

7.5CVSS5.8AI score0.07237EPSS
Exploits0References3
OSV
OSV
added 2026/04/25 5:49 a.m.10 views

OESA-2026-2074 llvm security update

LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...

3.7CVSS5.7AI score0.00478EPSS
Exploits1References2
OSV
OSV
added 2026/04/18 12:0 p.m.9 views

RLSA-2026:8352 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.5 views

AlmaLinux 10 : bind (ALSA-2026:8312)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:8312 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/15 2:2 p.m.7 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References8
Rockylinux
Rockylinux
added 2026/04/15 12:3 p.m.9 views

bind9.18 security update

An update is available for bind9.18. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Na...

7.5CVSS7.4AI score0.01545EPSS
Exploits0
OSV
OSV
added 2026/04/15 12:1 p.m.6 views

RLSA-2026:8155 Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/14 5:40 p.m.59 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/14 5:40 p.m.6 views

Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References2
Rows per page
Query Builder