Lucene search
+L

16 matches found

RedHat Linux
RedHat Linux
added 2026/05/26 5:9 a.m.15 views

dnsmasq: RRSIG rdlen underflow leading to heap OOB read

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixe...

7.5CVSS5.8AI score0.06226EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/30 2:30 a.m.7 views

SUSE CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response,...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : bind-9.8.2-0.37.7.0.1.rc1.AXS4 (AXSA:2016-143:02)

"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-143:02 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves ho...

8.6CVSS7AI score0.621EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/05/09 10:2 a.m.10 views

bind: sending specific queries to the resolver may cause a DoS

A flaw was found in Bind, where a resolver crash is possible. When stale cache and stale answers are enabled, the option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query...

7.5CVSS7.1AI score0.5017EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2023/02/21 7:29 p.m.53 views

K62012529: BIND vulnerability CVE-2016-1286

Security Advisory Description named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c. CVE-2016-1286 Impact An attacke...

8.6CVSS7.1AI score0.621EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.5 views

SUSE CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

8.6CVSS6.7AI score0.621EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2023/01/03 12:0 a.m.25 views

ISC BIND DoS Vulnerability (CVE-2016-1286) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

8.6CVSS8.4AI score0.621EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/08/03 12:0 a.m.32 views

AIX bind Advisory : bind_advisory12.asc (IV84456) (IV84457) (IV84458) (IV84459) (IV84947) (IV84984) (IV85296) (IV85297) (IV85298)

The version of bind installed on the remote AIX host is affected by the following vulnerabilities : - A denial of service vulnerability exists in files sexpr.c and alist.c when handling control channel packets. An unauthenticated, remote attacker can exploit this, via crafted packets sent to the...

8.6CVSS7AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/08/17 12:0 a.m.44 views

F5 Networks BIG-IP : BIND vulnerability (K62012529)

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c. CVE-2016-1286 Impact An attacker may force the system to look...

8.6CVSS6.9AI score0.621EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2016/03/12 12:0 a.m.57 views

bind: denial of service

CVE-2016-2088 denial of service Allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a malformed packet with more than one cookie option. - CVE-2016-1286 denial of service Allows remote attackers to cause a denial of service assertion failure and...

5CVSS5.1AI score0.621EPSS
Exploits0References6
NVD
NVD
added 2016/03/09 11:59 p.m.26 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

8.6CVSS8.2AI score0.621EPSS
Exploits0References29
OSV
OSV
added 2016/03/09 11:59 p.m.9 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

8.6CVSS8.2AI score
Exploits0References29
Prion
Prion
added 2016/03/09 11:59 p.m.28 views

Design/Logic Flaw

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

5CVSS6.9AI score0.621EPSS
Exploits0References29Affected Software14
Debian CVE
Debian CVE
added 2016/03/09 11:0 p.m.30 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

8.6CVSS6.9AI score0.621EPSS
Exploits0
Cvelist
Cvelist
added 2016/03/09 11:0 p.m.32 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

8.3AI score0.621EPSS
Exploits0References29
UbuntuCve
UbuntuCve
added 2016/03/09 8:0 p.m.34 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

8.6CVSS6.9AI score0.621EPSS
Exploits0References3
Rows per page
Query Builder