34 matches found
ALPINE-CVE-2026-28387
Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...
[SECURITY] Fedora 44 Update: rust-openssl-probe-0.2.1-1.fc44
A library for helping to find system-wide trust anchor "root" certificate locations based on paths typically used by openssl...
SUSE-SU-2026:20652-1 Security update for ca-certificates-mozilla
This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs bsc1258002 - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public...
MiracleLinux 4 : bind-9.8.2-0.10.rc1.AXS4 (AXSA:2012-801:02)
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-801:02 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves ho...
MiracleLinux 4 : bind-9.7.3-8.P3.AXS4.2 (AXSA:2012-15:01)
"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-15:01 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names t...
Centralized Trust in Decentralized Systems: Unveiling Hidden Contradictions in Blockchain and Cryptocurrency
Blockchain technology promises to democratize finance and promote social equity through decentralization, but questions remain about whether current implementations advance or hinder these goals. Through a mixed-methods study combining semi-structured interviews with 13 diverse blockchain...
Trust anchors cannot be updated
Lines of code Vulnerability details Impact It will not be possible to claim names, because ENS will not be able to verify DNSSEC records after a root key rollover. Proof of Concept The DNSSEC root key signing keys act as trust anchors for the entire system. If they are invalid DNSSEC records...
SUSE CVE-2010-3762
ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service daemon crash via a DNS query...
SUSE CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
Security Bulletin: GSKit Trust Anchor vulnerability in Tivoli Directory Server (CVE-2012-2203)
Abstract A vulnerability has been identified in the GSKit component utilized by Tivoli Directory Server TDS such that trust anchors can be inserted without detection. Remediation for the issue consists of updating GSKit 7 to version 7.0.4.41 or higher, and GSKit 8 to version 8.0.14.22 or higher...
OPENSUSE-SU-2021:1762-1 Security update for curl
This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...
OPENSUSE-SU-2021:0808-1 Security update for curl
This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...
SUSE-SU-2021:1762-1 Security update for curl
This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...
EulerOS 2.0 SP2 : bind (EulerOS-SA-2019-2453)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called...
EulerOS Virtualization for ARM 64 3.0.3.0 : bind (EulerOS-SA-2019-2321)
According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date,...
CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
DEBIAN-CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Bind vulnerabilities (USN-3893-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3893-1 advisory. Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A remote attacker could possibly use this issue to cause Bin...
CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...