Security update for bind

This update for bind fixes the following issues: CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...

Invalid handling of CLASS != IN

...

CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

EUVD-2026-8718

This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...

CVE-2024-24789

CVE-2024-24789 affects the Go standard library archive/zip handling. The issue arises from how the package treats certain invalid ZIP files, differing from most ZIP implementations; the patch causes the archive/zip module to reject such files. Public advisories confirm a fix is available in patch...

RHEL 5 : mod_nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - modnss: Invalid handling of +CIPHER operator CVE-2016-3099 Note that Nessus has not tested for this issue but has...

Security Bulletin: Rational Team Concert (RTC) and IBM Engineering Workflow Management (EWM) OpenSSL vulnerability CVE-2021-4044

Summary There is a vulnerability CVE-2021-4044 which affects Rational Team Concert RTC and IBM Engineering Workflow Management EWM. Vulnerability Details CVEID: CVE-2021-4044 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by invalid handling of...

SUSE: Security Advisory (SUSE-SU-2019:1486-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD -- ipfw invalid mbuf handling

Problem Description: Incomplete packet data validation may result in accessing out-of-bounds memory CVE-2019-5614 or may access memory after it has been freed CVE-2019-15874. Impact: Access to out of bounds or freed mbuf data can lead to a kernel panic or other unpredictable results...

clutter privilege escalation

Invalid handling of system resume...

PHP / python certificate spoofing

Subject Alternative Name 0 invalid handling...