734 matches found
Multiple vulnerabilities impact AIX due to ISC BIND (CVE-2025-13878 CVE-2026-1519 CVE-2026-3592 CVE-2026-5946 CVE-2026-5950)
IBM SECURITY ADVISORY First Issued: Fri Jul 3 04:02:10 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/bindadvisory30.asc Security Bulletin: Multiple vulnerabilities impact AIX due to ISC BIND CVE-2025-13878, CVE-2026-1519,...
EulerOS 2.0 SP15 : bind (EulerOS-SA-2026-2434)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...
EulerOS 2.0 SP15 : bind (EulerOS-SA-2026-2475)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...
K000161919: BIND vulnerability CVE-2026-5947
Security Advisory Description Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as...
SUSE SLES15 Security Update : bind (SUSE-SU-2026:2616-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2616-1 advisory. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3039: BIND 9 server memory...
Oracle Linux 9 : bind (ELSA-2026-24367)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24367 advisory. - Fix GSS-API resource leak CVE-2026-3039 - Invalid handling of CLASS != IN CVE-2026-5946 Tenable has extracted the preceding description block direct...
RHEL 9 : bind (RHSA-2026:29110)
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:29110 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
Oracle Linux 9 : bind (ELSA-2026-18786)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18786 advisory. - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 Tenable has...
Astra Linux – Vulnerability in Firefox
Under certain circumstances, calling the bind function might result in an incorrect realm being set. This could create a vulnerability related to JavaScript-implemented sandboxes, such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
Astra Linux – Vulnerability in bind9
In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of the BIND Supported Preview Edition, as well as release version 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploiting broken authoritative servers using a flaw in response...
bind security update
An update is available for bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...
MiracleLinux 8 : bind-9.11.36-16.el8_10.8 (AXSA:2026-775:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-775:05 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...
bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone
A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...
EulerOS 2.0 SP13 : bind (EulerOS-SA-2026-2279)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...
bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone
A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...
AlmaLinux 8 : bind (ALSA-2026:24339)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24339 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...
RHEL 10 : bind (RHSA-2026:24851)
"The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24851 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVE...
Important: bind
Issue Overview: Fix GSS-API resource leak CVE-2026-3039 An unauthenticated remote attacker can crash any affected named instance with a single crafted DNS message, causing denial of service. Both authoritative servers and resolvers are affected. CVE-2026-5946 Affected Packages: bind Note: This...
RHEL 9 : bind (RHSA-2026:24500)
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24500 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
AlmaLinux 10 : bind (ALSA-2026:24338)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24338 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...