SUSE CVE-2026-3593

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected...

CVE-2026-46727

An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that...

CVE-2026-45557

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

CVE-2026-33190 CoreDNS TSIG authentication bypass on encrypted DNS transports

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports DoT, DoH, DoH3, DoQ, and gRPC because it trusts the transport writer's TsigStatus instead of performing verification itself. The DoH and DoH3 writer's TsigStatus...

ISC BIND 9.18.40 < 9.18.44 / 9.18.40-S1 < 9.18.44-S1 / 9.20.13 < 9.20.18 / 9.20.13-S1 < 9.20.18-S1 / 9.21.12 < 9.21.17 Vulnerability (cve-2025-13878)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-13878 advisory. - Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through...

ALPINE-CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

Citrix Hypervisor - Unable to join server to existing pool

Unable to join the server to pool. Error from xencenter: "The server was unable to contact your domain server to enable external authentication. Check that your settings are correct and a route to the server exists."...

TIBCO Software FTL 信任管理问题漏洞

Tibco Ftl is an application-to-application messaging system from Tibco USA, Inc. Designed for low latency and high performance, TIBCO FTL suffers from a trust management issue vulnerability that stems from hard-coded secrets used in the default domain server, which can be exploited by attackers t...

ALPINE-CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

PWR-Q200 vulnerable to DNS cache poisoning attacks

Overview PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port CWE-330. Toshifumi Sakaguchi reported this vulnerability to IPA. JPCERT/CC coordinated with...

Simple Network penetration spying on a command-vulnerability warning-the black bar safety net

ipconfig /all //You can view the current network card configuration information, including the domain and IP section This command can be seen: the host name---shwdm, IP--192.168.103.8, the gateway IP---192.168.103.10,DNS domain name resolution IP address---192.168.100.1 to an primary WINS server...

Debian Security Advisory DSA 196-1 (bind)

The remote host is missing an update to bind announced via advisory DSA 196-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

[SECURITY] [DSA 1172-1] New bind9 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1172-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2006 http://www.debian.org/security/faq -...

FreeBSD-SA-03:19.bind

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:19.bind Security Advisory The FreeBSD Project Topic: bind8 negative cache poison attack Category: contrib Module: contribbind Announced: 2003-11-28 Credits:...