Lucene search
+L

148 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

RockyLinux 8 : bind9.16 (RLSA-2026:23360)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:23360 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

7.5CVSS5.6AI score0.0181EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/04 3:27 p.m.16 views

bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API Generic Security Service Application Program Interface tokens. This can lead to excessive memory consumption,...

7.5CVSS5.8AI score0.01047EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/04 3:27 p.m.13 views

Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0181EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/06/04 12:0 a.m.12 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
Ubuntu
Ubuntu
added 2026/05/21 7:11 p.m.15 views

USN-8293-1: Bind vulnerabilities

Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...

9.8CVSS6AI score0.01844EPSS
Exploits1
NVD
NVD
added 2026/05/20 1:16 p.m.13 views

CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS0.01047EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/05/20 1:9 p.m.96 views

CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS0.01047EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/05/20 1:9 p.m.38 views

CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in bind9

In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and...

9.8CVSS7.6AI score0.82367EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/20 12:0 a.m.11 views

CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a security vulnerability that arises from the use of TKEY authentication based on GSS-API tokens. Processing maliciously constructed packets may lead to excessive memory consumption. The following versio...

7.5CVSS5.8AI score0.01047EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/05 8:58 a.m.22 views

CVE-2026-6238

A flaw was found in glibc GNU C Library. The deprecated functions nsprintrrf, nsprintrr, and fpnquery do not properly validate the length of RDATA Resource Record Data in a DNS Domain Name System response when processing specific record types like LOC, CERT, TKEY, or TSIG. A remote attacker could...

6.5CVSS5.8AI score0.00358EPSS
Exploits0References5
OSV
OSV
added 2026/04/28 7:37 p.m.6 views

DEBIAN-CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response,...

6.5CVSS5.8AI score0.00358EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/28 4:43 p.m.5 views

CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response,...

6.5CVSS5.8AI score0.00358EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.10 views

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.2 and later contain security vulnerabilities. These vulnerabilities arise when functions such as nsprintrrf, nsprintrr, and fpnquery handle...

6.5CVSS5.8AI score0.00358EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.5 views

PT-2026-35750

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.2 through 2.33 GNU C Library version 2.34 affected versions not specified Description The deprecated functions ns printrrf, ns printrr, and fp nquery fail to validate RDATA content against the RDATA length in a DNS...

6.5CVSS5.5AI score0.00358EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

SUSE SLES16 Security Update : bind (SUSE-SU-2026:21204-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21204-1 advisory. - Update to release 9.20.21 - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service bsc1260805. -...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References14
OSV
OSV
added 2026/04/16 10:19 a.m.4 views

SUSE-SU-2026:21204-1 Security update for bind

This update for bind fixes the following issues: - Update to release 9.20.21 - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service bsc1260805. - CVE-2026-3104: memory leak in code preparing DNSSEC proofs of non-existence allows for DoS bsc1260567. - CVE-2026-311...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References10
OSV
OSV
added 2026/04/16 10:12 a.m.5 views

OPENSUSE-SU-2026:20550-1 Security update for bind

This update for bind fixes the following issues: - Update to release 9.20.21 - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service bsc1260805. - CVE-2026-3104: memory leak in code preparing DNSSEC proofs of non-existence allows for DoS bsc1260567. - CVE-2026-311...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.5 views

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2026:1351-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1351-1 advisory. Security issues: - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References14
Rows per page
Query Builder