Astra Linux - уязвимость в bind9

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

CVE-2026-3104

CVE-2026-3104 describes a memory leak in BIND resolver code during DNSSEC non-existence proof preparation caused by processing a specially crafted domain. Affected: BIND 9.20.0–9.20.20, 9.21.0–9.21.19, and 9.20.9-S1–9.20.20-S1. Not affected: 9.18.x series. Impact: memory growth potentially leadin...

UBUNTU-CVE-2026-3119

Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature TSIG from a key declared in the named configuration. This issue affects BIND 9 versions 9.20....

EulerOS 2.0 SP10 : bind (EulerOS-SA-2025-2378)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...

UBUNTU-CVE-2025-8677

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

EUVD-2025-21732

Malicious code in bioql PyPI...

EUVD-2025-21733

Malicious code in bioql PyPI...

EUVD-2025-21734

Malicious code in bioql PyPI...

CVE-2025-37107

An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.18...

CVE-2025-37107

An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.18...

CVE-2025-37107

An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.18...

PT-2025-29875 · Hewlett Packard · Hpe Autopass License Server

Name of the Vulnerable Software and Affected Versions: HPE AutoPass License Server APLS versions prior to 9.18 Description: An authentication bypass allows unauthorized access to the system. Recommendations: Update HPE AutoPass License Server to version 9.18 or later...

HPE AutoPass License Server 安全漏洞

HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.18 that stems from an authentication bypass issue...

PT-2025-29872 · Hewlett Packard · Hpe Autopass License Server

Name of the Vulnerable Software and Affected Versions: HPE AutoPass License Server APLS versions prior to 9.18 Description: An hsqldb-related remote code execution vulnerability exists. Recommendations: Update HPE AutoPass License Server to version 9.18 or later...

RHEL 9 : bind9.18 (RHSA-2025:1670)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1670 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Bind vulnerabilities (USN-6909-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-1 advisory. It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue...

openSUSE: Security Advisory for ldb, samba (SUSE-SU-2022:2586-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

SUSE CVE-2020-16296

A buffer overflow vulnerability in GetNumWrongData in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...