Lucene search
K

108 matches found

Cvelist
Cvelist
added 2026/06/25 1:1 p.m.33 views

CVE-2026-42390 ZONEMD validation can be bypassed

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation...

5.3CVSS0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/01 11:10 a.m.11 views

CVE-2026-42396

A flaw was found in pdns. Insufficient validation of member zone data can allow a privileged attacker to cause a catalog zone transfer to fail. This can lead to a denial of service DoS for affected DNS services, preventing legitimate users from resolving domain names...

6.5CVSS5.7AI score0.00353EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.8 views

SUSE CVE-2026-42396

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

4.9CVSS5.8AI score0.00353EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 10:16 a.m.14 views

CVE-2026-42396

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

6.5CVSS0.00353EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 9:25 a.m.11 views

CVE-2026-42396 Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

4.9CVSS5.8AI score0.00353EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:25 a.m.8 views

CVE-2026-42396

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

4.9CVSS5.8AI score0.00353EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/21 9:25 a.m.12 views

EUVD-2026-31265

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

4.9CVSS5.8AI score0.00353EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 9:25 a.m.32 views

CVE-2026-42396

Technical details for CVE-2026-42396 are not publicly available in the provided documents. Monitor for updates from Debian advisories and NVD for affected versions and fixes.

6.5CVSS5.8AI score0.00353EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/21 9:25 a.m.52 views

CVE-2026-42396 Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

4.9CVSS0.00353EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 9:25 a.m.16 views

CVE-2026-42396

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

6.5CVSS5.8AI score0.00353EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

PowerDNS Authoritative 代码注入漏洞

PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a code injection vulnerability, which stems from insufficient validation of member zone data, potentially leading to failed zone transfer operations...

6.5CVSS5.9AI score0.00353EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42449

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

4.9CVSS5.8AI score0.00353EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 9:21 a.m.9 views

CVE-2026-42960 Possible cache poisoning via promiscuous records for the authority section

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

7.1CVSS5.7AI score0.00249EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fixed the potential NULL pointer dereferencing issue. If sdprobe encounters an error before sdkp-device is initialized, sdzbcreleasedisk is called. This leads to a NULL pointer dereferencing issue when sdiszoned is call...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in bind9

Resolver caches and authoritative zone databases that hold a significant number of Resource Records for the same hostname of any RTYPE may experience degraded performance as content is added or updated, as well as when handling client queries for this name. This issue affects BIND 9 versions 9.11...

7.5CVSS7.5AI score0.02114EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/20 12:0 a.m.10 views

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS5.7AI score0.00249EPSS
Exploits0References3
OSV
OSV
added 2026/05/05 4:2 p.m.8 views

OPENSUSE-SU-2026:20681-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.11+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

7.5CVSS5.9AI score0.00702EPSS
Exploits0References16
EUVD
EUVD
added 2026/04/23 3:47 a.m.7 views

EUVD-2026-25180

Froxlor is open source server administration software. Prior to version 2.3.6, DomainZones::add accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in the content field. When a DNS type not covered by the if/elseif validation chain is submitted e.g.,...

8.5CVSS5.8AI score0.00347EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/25 12:0 a.m.3 views

CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...

6AI score0.00325EPSS
Exploits1References3
Amazon
Amazon
added 2025/12/08 12:0 a.m.5 views

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...

7.1CVSS6.5AI score0.00311EPSS
Exploits0
Rows per page
Query Builder