Lucene search
K

21 matches found

EUVD
EUVD
added 2026/06/12 6:10 p.m.10 views

EUVD-2026-36529

The Naxclow platform API that returns device relay registration details exposes a persistent credential without verifying that the requester is the legitimate device or owner. An actor able to present a platform-valid request signature can retrieve credentials for arbitrary devices and register o...

8.7CVSS5.5AI score0.00306EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/16 11:31 p.m.7 views

CVE-2025-68671

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

6.5CVSS6.7AI score0.00239EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/15 10:35 p.m.5 views

CVE-2025-68671 lakeFS is Missing Timestamp Validation in S3 Gateway Authentication

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

6.5CVSS5.5AI score0.00239EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/10/12 4:37 p.m.4 views

rgw: improperly verified POST keys

A flaw was found in rgw. This flaw allows an unprivileged user to write to any buckets accessible by a given key if a POST's form-data contains a key called 'bucket' with a value matching the bucket's name used to sign the request. This issue results in a user being able to upload to any bucket...

9.8CVSS5.8AI score0.02539EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/01/30 12:0 a.m.39 views

EulerOS Virtualization 3.0.2.2 : bind (EulerOS-SA-2023-1244)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview...

8.1CVSS7AI score0.64161EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.37 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2021-0153)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

7.5CVSS6.4AI score0.06348EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/07/02 12:0 a.m.28 views

EulerOS Virtualization for ARM 64 3.0.2.0 : bind (EulerOS-SA-2021-2092)

According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported...

7.5CVSS7AI score0.11296EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.45 views

EulerOS Virtualization 3.0.6.6 : bind (EulerOS-SA-2021-1458)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview...

7.5CVSS7AI score0.06348EPSS
Exploits0References3
Amazon
Amazon
added 2021/01/15 12:0 a.m.45 views

Medium: bind

Issue Overview: A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability. CVE-2020-8622 Affected Packages: bind Issue Correction: Run yum update bind or yum...

6.5CVSS7AI score0.05545EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/11/10 1:20 p.m.2 views

bind: truncated TSIG response can lead to an assertion failure

A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability...

6.5CVSS6.8AI score0.05545EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/11/03 12:0 a.m.22 views

EulerOS 2.0 SP2 : bind (EulerOS-SA-2020-2329)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

6.5CVSS7AI score0.05545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/10/30 12:0 a.m.26 views

EulerOS 2.0 SP5 : bind (EulerOS-SA-2020-2278)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

6.5CVSS7AI score0.05545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/10/09 12:0 a.m.36 views

EulerOS 2.0 SP9 : bind (EulerOS-SA-2020-2161)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

6.5CVSS7AI score0.05545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.29 views

EulerOS Virtualization for ARM 64 3.0.6.0 : bind (EulerOS-SA-2020-2017)

According to the version of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Previ...

6.5CVSS6.8AI score0.05545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.44 views

EulerOS 2.0 SP3 : bind (EulerOS-SA-2020-2063)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker...

8.6CVSS6.8AI score0.93422EPSS
Exploits6References4
Veracode
Veracode
added 2020/08/31 4:8 a.m.32 views

Denial Of Service (DoS)

BIND is vulnerable to denial of service, An attacker who on the network path for a TSIG-signed request is able to send a truncated response to that request that will result in an assertion failure, causing the server to exit...

6.5CVSS3.2AI score0.05545EPSS
Exploits0References15Affected Software2
Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.234 views

EulerOS 2.0 SP8 : bind (EulerOS-SA-2020-1836)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

6.5CVSS7AI score0.05545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/08/27 12:0 a.m.115 views

ISC BIND 9.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS

According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.x prior to 9.11.22, 9.12.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS vulnerability due to an assertion failure when...

6.5CVSS6.9AI score0.05545EPSS
Exploits0References2
Prion
Prion
added 2020/08/21 9:15 p.m.38 views

Design/Logic Flaw

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

4CVSS6.6AI score0.05545EPSS
Exploits0References13Affected Software7
OSV
OSV
added 2020/08/21 11:29 a.m.7 views

USN-4468-1 bind9 vulnerabilities

Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2020-8620 Joseph Gullo discovered that Bind incorrectly handled...

7.5CVSS6.9AI score0.06348EPSS
Exploits0References6
Rows per page
Query Builder