223 matches found
CVE-2026-42000
A flaw was found in pdns. This vulnerability, stemming from insufficient validation of names during an Asynchronous Zone Transfer AXFR, allows a remote attacker to compromise the integrity of DNS data. By sending specially crafted requests, an attacker could potentially poison DNS caches or make...
SUSE CVE-2026-42000
Insufficient Validation of Names During AXFR...
SUSE CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
EUVD-2026-31261
Insufficient Validation of Names During AXFR...
CVE-2026-42000
Insufficient Validation of Names During AXFR...
CVE-2026-42000
CVE-2026-42000 affects PowerDNS Authoritative server. The issue is "Insufficient Validation of Names During AXFR" in the AXFR process, caused by inadequate validation of transfer names, which is reported to enable a command-injection path per some sources and could contribute to denial of service...
CVE-2026-42000
Insufficient Validation of Names During AXFR...
CVE-2026-42396
Technical details for CVE-2026-42396 are not publicly available in the provided documents. Monitor for updates from Debian advisories and NVD for affected versions and fixes.
CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396 Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396 Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
EUVD-2026-31265
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-44608
A flaw was found in Unbound. When operating in a multi-threaded configuration with specific Response Policy Zones RPZ using 'rpz-nsip' or 'rpz-nsdname' triggers, a locking inconsistency during an RPZ zone transfer XFR reload can occur. This timing issue may allow an adversary to trigger a heap...
PT-2026-42449
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
PowerDNS Authoritative 命令注入漏洞
PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a command injection vulnerability, which stems from insufficient name validation during the AXFR process...
PT-2026-42446
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Insufficient validation of names occurs during AXFR Asynchronous Full Transfer, a mechanism used by DNS servers to replicate zone data from a primary server to a...
CVE-2026-44608 Use after free and crash under special conditions in RPZ code
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met multi-threaded, RPZ XFR reload, RPZ zone with 'rpz-nsip'/'rpz-nsdname' triggers it could result in heap use-after-free and eventual crash. An adversary can...
CVE-2026-44608
Summary: NLnet Labs Unbound versions 1.14.0–1.25.0 contain a locking inconsistency in RPZ handling that can cause a heap use-after-free and crash under specific multi-threaded conditions when an RPZ XFR reload occurs and an RPZ zone is loaded with rpz-nsip or rpz-nsdname triggers. An attacker wou...