Lucene search
+L

237 matches found

RedhatCVE
RedhatCVE
added 2026/06/29 1:50 p.m.7 views

CVE-2026-12244

A flaw was found in nsd. When nsd is configured as a secondary server for a zone, a remote attacker, acting as the primary server for that zone, can send a specially crafted DNS message within an AXFR Asynchronous Full Zone Transfer request. This message, containing a malformed SVCB Service Bindi...

8.8CVSS6.2AI score0.00303EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/06/25 12:38 p.m.11 views

USN-8474-1: NSD vulnerabilities

It was discovered that NSD incorrectly handled APL resource records with an address length larger than permitted for the address family. A remote attacker could use this to cause a stack-based buffer overflow when the zone is written to disk, potentially executing arbitrary code with the privileg...

8.8CVSS6.6AI score0.00303EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/25 12:23 p.m.9 views

CVE-2026-40209

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 12:23 p.m.32 views

CVE-2026-40209 Denial of service via IXFR queries

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS0.00404EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.7 views

EUVD-2026-39348

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 9:31 a.m.8 views

EUVD-2026-39182

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score0.00303EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 7:16 a.m.13 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS0.00303EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 7:16 a.m.3 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS6AI score0.00303EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 5:24 a.m.7 views

CVE-2026-12490

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

8.2CVSS5.8AI score0.00139EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 5:24 a.m.7 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score0.00303EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.9 views

Fedora 44 : bind9-next (2026-dbb0776ac5)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dbb0776ac5 advisory. Update to 9.21.22 rhbz2480122 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...

9.8CVSS5.5AI score0.01844EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/06/01 11:5 a.m.14 views

CVE-2026-42000

A flaw was found in pdns. This vulnerability, stemming from insufficient validation of names during an Asynchronous Zone Transfer AXFR, allows a remote attacker to compromise the integrity of DNS data. By sending specially crafted requests, an attacker could potentially poison DNS caches or make...

8.6CVSS5.8AI score0.00242EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.10 views

SUSE CVE-2026-42000

Insufficient Validation of Names During AXFR...

8.6CVSS5.8AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.8 views

SUSE CVE-2026-42396

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

4.9CVSS5.8AI score0.00353EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 10:16 a.m.16 views

CVE-2026-42396

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...

6.5CVSS0.00353EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:25 a.m.6 views

CVE-2026-42000

Insufficient Validation of Names During AXFR...

6.8CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/21 9:25 a.m.52 views

CVE-2026-42000

CVE-2026-42000 affects PowerDNS Authoritative server. The issue is "Insufficient Validation of Names During AXFR" in the AXFR process, caused by inadequate validation of transfer names, which is reported to enable a command-injection path per some sources and could contribute to denial of service...

8.6CVSS5.8AI score0.00242EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/21 9:25 a.m.11 views

EUVD-2026-31261

Insufficient Validation of Names During AXFR...

6.8CVSS5.8AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2026/05/21 9:25 a.m.1 views

CVE-2026-42000 Insufficient Validation of Names During AXFR

Insufficient Validation of Names During AXFR...

6.8CVSS5.9AI score0.00242EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/05/21 9:25 a.m.14 views

CVE-2026-42000

Insufficient Validation of Names During AXFR...

8.6CVSS5.8AI score0.00242EPSS
Exploits0
Rows per page
Query Builder