SUSE CVE-2026-3593

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected...

CVE-2026-46727

An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that...

CVE-2026-45557

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

CVE-2026-33190 CoreDNS TSIG authentication bypass on encrypted DNS transports

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports DoT, DoH, DoH3, DoQ, and gRPC because it trusts the transport writer's TsigStatus instead of performing verification itself. The DoH and DoH3 writer's TsigStatus...

ISC BIND 9.18.40 < 9.18.44 / 9.18.40-S1 < 9.18.44-S1 / 9.20.13 < 9.20.18 / 9.20.13-S1 < 9.20.18-S1 / 9.21.12 < 9.21.17 Vulnerability (cve-2025-13878)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-13878 advisory. - Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through...

ALPINE-CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

Citrix Hypervisor - Unable to join server to existing pool

Unable to join the server to pool. Error from xencenter: "The server was unable to contact your domain server to enable external authentication. Check that your settings are correct and a route to the server exists."...

The vulnerability of the DNS Server component of the Windows operating system, related to synchronization errors when using a shared resource (“Race Situation”), allows a perpetrator to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

TIBCO Software FTL 信任管理问题漏洞

Tibco Ftl is an application-to-application messaging system from Tibco USA, Inc. Designed for low latency and high performance, TIBCO FTL suffers from a trust management issue vulnerability that stems from hard-coded secrets used in the default domain server, which can be exploited by attackers t...

ALPINE-CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

The vulnerability of the connected authentication module of the Linux operating system PAM, which allows a hacker to trigger a service failure.

The vulnerability of the connected authentication module in the PAM operating system of Astra Linux relates to the inability for domain users to obtain token tokens during authentication when they lose connection to the domain server. Exploiting this vulnerability could allow a malicious actor to...

The vulnerability of the access control service for remote catalogs and the authentication mechanism of the Astra Linux operating system allow a intruder to trigger a service failure.

The vulnerability of the access control service for remote catalogs and the authentication mechanism of the Astra Linux operating system is related to a flaw that causes domain users to be unable to obtain token credentials during authentication when they lose connection to the domain server...

PWR-Q200 vulnerable to DNS cache poisoning attacks

Overview PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port CWE-330. Toshifumi Sakaguchi reported this vulnerability to IPA. JPCERT/CC coordinated with...

Simple Network penetration spying on a command-vulnerability warning-the black bar safety net

ipconfig /all //You can view the current network card configuration information, including the domain and IP section This command can be seen: the host name---shwdm, IP--192.168.103.8, the gateway IP---192.168.103.10,DNS domain name resolution IP address---192.168.100.1 to an primary WINS server...

Debian Security Advisory DSA 196-1 (bind)

The remote host is missing an update to bind announced via advisory DSA 196-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

[SECURITY] [DSA 1172-1] New bind9 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1172-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2006 http://www.debian.org/security/faq -...

FreeBSD-SA-03:19.bind

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:19.bind Security Advisory The FreeBSD Project Topic: bind8 negative cache poison attack Category: contrib Module: contribbind Announced: 2003-11-28 Credits:...