Lucene search
K

34 matches found

OSV
OSV
added 2026/04/07 10:16 p.m.5 views

ALPINE-CVE-2026-28387

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS6.2AI score0.00631EPSS
Exploits0References1
Fedora
Fedora
added 2026/03/28 12:19 a.m.7 views

[SECURITY] Fedora 44 Update: rust-openssl-probe-0.2.1-1.fc44

A library for helping to find system-wide trust anchor "root" certificate locations based on paths typically used by openssl...

5.9AI score
Exploits0
OSV
OSV
added 2026/03/04 9:36 a.m.5 views

SUSE-SU-2026:20652-1 Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs bsc1258002 - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : bind-9.7.3-8.P3.AXS4.2 (AXSA:2012-15:01)

"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-15:01 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names t...

5CVSS7AI score0.16747EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : bind-9.8.2-0.10.rc1.AXS4 (AXSA:2012-801:02)

"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-801:02 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves ho...

8.5CVSS6.9AI score0.13538EPSS
Exploits2References3
Packet Storm News
Packet Storm News
added 2025/05/10 12:0 a.m.4 views

Centralized Trust in Decentralized Systems: Unveiling Hidden Contradictions in Blockchain and Cryptocurrency

Blockchain technology promises to democratize finance and promote social equity through decentralization, but questions remain about whether current implementations advance or hinder these goals. Through a mixed-methods study combining semi-structured interviews with 13 diverse blockchain...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/04/28 12:0 a.m.6 views

Trust anchors cannot be updated

Lines of code Vulnerability details Impact It will not be possible to claim names, because ENS will not be able to verify DNSSEC records after a root key rollover. Proof of Concept The DNSSEC root key signing keys act as trust anchors for the entire system. If they are invalid DNSSEC records...

6.7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.4 views

SUSE CVE-2010-3762

ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service daemon crash via a DNS query...

4.3CVSS6.5AI score0.08086EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.5 views

SUSE CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...

4.9CVSS7.6AI score0.02264EPSS
Exploits0References13
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 8:45 p.m.35 views

Security Bulletin: GSKit Trust Anchor vulnerability in Tivoli Directory Server (CVE-2012-2203)

Abstract A vulnerability has been identified in the GSKit component utilized by Tivoli Directory Server TDS such that trust anchors can be inserted without detection. Remediation for the issue consists of updating GSKit 7 to version 7.0.4.41 or higher, and GSKit 8 to version 8.0.14.22 or higher...

7.5CVSS6.1AI score0.01576EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/07/10 4:41 p.m.5 views

OPENSUSE-SU-2021:1762-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

3.1CVSS4.8AI score0.04385EPSS
Exploits1References3
OSV
OSV
added 2021/05/29 4:5 p.m.6 views

OPENSUSE-SU-2021:0808-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

3.1CVSS4.8AI score0.04385EPSS
Exploits1References3
OSV
OSV
added 2021/05/26 10:30 a.m.5 views

SUSE-SU-2021:1762-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

3.1CVSS4.8AI score0.04385EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.273 views

EulerOS 2.0 SP2 : bind (EulerOS-SA-2019-2453)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called...

6.5CVSS6.3AI score0.40536EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/12/03 12:0 a.m.32 views

EulerOS Virtualization for ARM 64 3.0.3.0 : bind (EulerOS-SA-2019-2321)

According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date,...

7.5CVSS6.6AI score0.1107EPSS
Exploits0References4
OSV
OSV
added 2019/10/09 4:15 p.m.40 views

CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...

4.9CVSS7.4AI score0.02264EPSS
Exploits0References2
OSV
OSV
added 2019/10/09 4:15 p.m.3 views

DEBIAN-CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...

4.9CVSS6.6AI score0.02264EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2019/10/09 2:17 p.m.33 views

CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...

4.9CVSS6.4AI score0.02264EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/02/22 12:0 a.m.60 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Bind vulnerabilities (USN-3893-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3893-1 advisory. Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A remote attacker could possibly use this issue to cause Bin...

7.5CVSS6.6AI score0.037EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/02/21 12:0 a.m.36 views

CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...

4.9CVSS6.6AI score0.02264EPSS
Exploits0References4
Rows per page
Query Builder