OPENSUSE-SU-2026:10874-1 bind-9.20.23-1.1 on GA media

These are all security issues fixed in the bind-9.20.23-1.1 package on the GA media of openSUSE Tumbleweed...

Fedora 43 : bind / bind-dyndb-ldap (2026-b626e83a45)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-b626e83a45 advisory. Update to 9.18.49 rhbz2480121 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...

CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

HTTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an HTTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/http/x86/vncinject/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...

bind-9.20.21-1.1 on GA media (moderate)

bind-9.20.21-1.1 on GA media Announcement ID: openSUSE-SU-2026:10448-1 Rating: moderate Cross-References: CVE-2026-1519 CVE-2026-3104 CVE-2026-3119 CVE-2026-3591 CVSS scores: CVE-2026-1519 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-1519 SUSE : 8.7...

OPENSUSE-SU-2026:10448-1 bind-9.20.21-1.1 on GA media

These are all security issues fixed in the bind-9.20.21-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

MiracleLinux 7 : bind-9.11.4-26.P2.16.0.2.el7.AXS7 (AXSA:2024-8817:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8817:03 advisory. CVE-2024-1737: add a limit to the number of RRs in RRSets and RR types for single name CVE-2024-1975: remove support for SIG0 message verification F...

MiracleLinux 7 : bind-9.11.4-16.P2.6.0.1.el7.AXS7 (AXSA:2020-120:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-120:04 advisory. bind: BIND does not sufficiently limit the number of fetches performed when processing referrals CVE-2020-8616 bind: A logic error in code which chec...

MiracleLinux 7 : bind-9.11.4-26.P2.10.0.1.el7.AXS7 (AXSA:2022-3876:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3876:04 advisory. bind: memory leak in ECDSA DNSSEC verification code CVE-2022-38177 bind: memory leaks in EdDSA DNSSEC verification code CVE-2022-38178 Tenable has...

MiracleLinux 7 : bind-9.9.4-51.2.0.1.el7.AXS7 (AXSA:2018-2550:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2550:01 advisory. A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A...

MiracleLinux 7 : bind-9.11.4-26.P2.16.0.5.el7.AXS7 (AXSA:2025-9780:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9780:04 advisory. CVE-2024-11187: fix Denial of Service via Additional Section Resource Exhaustion in BIND 9 CVEs: CVE-2024-11187 It is possible to construct a zone such that...

RHEL 8 : bind9.16 (RHSA-2025:21939)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21939 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

[SECURITY] Fedora 42 Update: bind-9.18.41-1.fc42

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

EUVD-2023-54271

Malicious code in bioql PyPI...

OPENSUSE-SU-2025:15354-1 bind-9.20.11-1.1 on GA media

These are all security issues fixed in the bind-9.20.11-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

Linux Distros Unpatched Vulnerability : CVE-2018-5741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various...

RHSA-2025:1678 Red Hat Security Advisory: bind9.16 security update

Bulletin has no description...

CVE-2024-11187 affecting package bind for versions less than 9.20.5-1

CVE-2024-11187 affecting package bind for versions less than 9.20.5-1. An upgraded version of the package is available that resolves this issue...