bind9.16 security update

32:9.16.23-0.22.6 - Fix GSS-API resource leak CVE-2026-3039 - Invalid handling of CLASS != IN CVE-2026-5946...

CLSA-2026-1780054583 Fix CVE(s): CVE-2026-3039

SECURITY UPDATE: GSS-API resource leak triggered by multi-round TKEY - debian/patches/CVE-2026-3039.patch: reject GSSSCONTINUENEEDED in dstgssapiacceptctx and release the partial security context and gouttoken so they don't accumulate per malicious TKEY query. - CVE-2026-3039...

CLSA-2026-1780054328 Fix CVE(s): CVE-2026-3039

SECURITY UPDATE: GSS-API resource leak triggered by multi-round TKEY - debian/patches/CVE-2026-3039.patch: reject GSSSCONTINUENEEDED in dstgssapiacceptctx and release the partial security context and gouttoken so they don't accumulate per malicious TKEY query. - CVE-2026-3039...

Slackware Linux 15.0 / current bind Multiple Vulnerabilities (SSA:2026-141-01)

The version of bind installed on the remote host is prior to 9.18.49 / 9.20.23. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-141-01 advisory. New bind packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...

[SECURITY] [DSA 6285-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6285-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 20, 2026 https://www.debian.org/security/faq -...

DEBIAN-CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

ISC BIND 9.0.0 < 9.18.49 / 9.9.3-S1 < 9.18.49-S1 / 9.18.0 < 9.18.49 / 9.18.11-S1 < 9.18.49-S1 / 9.20.0 < 9.20.23 / 9.20.9-S1 < 9.20.23-S1 / 9.21.0 < 9.21.22 Vulnerability (cve-2026-3039)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3039 advisory. - BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory...

Linux Distros Unpatched Vulnerability : CVE-2026-3039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processin...

UBUNTU-CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

EUVD-2026-3039

EUVD-2026-3039...

CVE-2012-3039

Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmware before 1.4 do not use a sufficient source of entropy for SSH and SSL keys, which makes it easier for remote attackers to obtain access by leveraging knowledge of a key from a product installation elsewhere...

CVE-2025-3039

creationtimestamp| type| source ---|---|--- 2025-03-31 23:31:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9788 2025-04-01 00:08:33+00:00| seen| https://bsky.app/profile/potato.software/post/3llplf6usrv26 2025-04-01 03:35:22+00:00| seen| https://t.me/cvedetector/2168...

CVE-2025-3039

A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /addemployee.php. The manipulation of the argument lname/fname leads to sql injection. It is possible to launch the attack remotely. The exploi...

CVE-2025-3039 code-projects Payroll Management System add_employee.php sql injection

A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /addemployee.php. The manipulation of the argument lname/fname leads to sql injection. It is possible to launch the attack remotely. The exploi...

CVE-2023-3039

creationtimestamp| type| source ---|---|--- 2023-09-12 12:22:47+00:00| seen| https://t.me/cibsecurity/70248...

CVE-2023-3039

SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access...

CVE-2023-3039

CVE-2023-3039 concerns Dell SD ROM Utility. Multiple connected sources confirm an Impaired Access Control vulnerability in versions prior to 1.0.2.0, allowing a low-privileged attacker to potentially perform arbitrary code execution with limited access rights. The root issue is an improper access...

SUSE CVE-2022-3039

Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...