32 matches found

Vulnrichment
added 2026/03/25 1:31 p.m. · 2 views

CVE-2026-3119 Authenticated query containing a TKEY record may cause named to terminate unexpectedly

Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature TSIG from a key declared in the named configuration. This issue affects BIND 9 versions 9.20....

CVSS 6.5 · AI score 5.9 · EPSS 0.00016
Exploits 0 · References 3
OSV
added 2026/03/25 12:0 a.m. · 0 views

UBUNTU-CVE-2026-3119

Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature TSIG from a key declared in the named configuration. This issue affects BIND 9 versions 9.20....

CVSS 6.5 · AI score 7.3 · EPSS 0.00016
Exploits 0 · References 4
EUVD
added 2025/10/03 8:7 p.m. · 0 views

EUVD-2023-45770

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 5.9 · EPSS 0.00226
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 7:4 a.m. · 3 views

CVE-2024-50861

The ipmoddnskeyform.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks...

CVSS 6.1 · AI score 6 · EPSS 0.0159
Exploits 3 · References 1
OSV
added 2025/01/14 10:15 p.m. · 0 views

CVE-2024-50861

The ipmoddnskeyform.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks...

CVSS 6.1 · AI score 5.9 · EPSS 0.0159
Exploits 3 · References 3
NVD
added 2025/01/14 10:15 p.m. · 7 views

CVE-2024-50861

The ipmoddnskeyform.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks...

CVSS 6.1 · EPSS 0.0159
Exploits 3 · References 3
Positive Technologies
added 2025/01/14 12:0 a.m. · 2 views

PT-2025-2893 · Gestioip · Gestioip

Name of the Vulnerable Software and Affected Versions: GestioIP version 3.5.7 Description: The issue concerns a Stored XSS vulnerability in the ip mod dns key form.cgi request. An attacker can inject malicious code into the TSIG Key field, which is saved in the database and triggers XSS when...

CVSS 6.1 · AI score 6 · EPSS 0.0159
Exploits 3 · References 12
Tenable Nessus
added 2023/12/27 12:0 a.m. · 36 views

NewStart CGSL MAIN 6.06 : bind Multiple Vulnerabilities (NS-SA-2023-0094)

The remote NewStart CGSL host, running version MAIN 6.06, has bind packages installed that are affected by multiple vulnerabilities: - By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter...

CVSS 8.6 · AI score 6.6 · EPSS 0.92629
Exploits 6 · References 25
Tenable Nessus
added 2023/10/13 12:0 a.m. · 16 views

F5 Networks BIG-IP : BIG-IP DNS TSIG Key Leakage (K98334513)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K98334513 advisory. When a BIG-IP DNS or BIG-IP LTM system is enabled with the DNS Services license, and a TSIG key is created, t...

CVSS 5.5 · AI score 5.8 · EPSS 0.00226
Exploits 0 · References 2
NVD
added 2023/10/10 1:15 p.m. · 10 views

CVE-2023-41253

When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVSS 5.5 · AI score 5.5 · EPSS 0.00226
Exploits 0 · References 1
Prion
added 2023/10/10 1:15 p.m. · 14 views

Code injection

When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVSS 1.7 · AI score 5.5 · EPSS 0.00226
Exploits 0 · References 1 · Affected Software 2
Vulnrichment
added 2023/10/10 12:33 p.m. · 12 views

CVE-2023-41253 BIG-IP DNS TSIG Key vulnerability

When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVSS 5.5 · AI score 6.8 · EPSS 0.00226
Exploits 0 · References 1
F5 Networks
added 2023/02/21 7:32 p.m. · 19 views

K36328238: The BIG-IP DNS system may erroneously display the TSIG key secret in plain text form

Security Advisory Description The BIG-IP DNS system may erroneously display the Transaction Signature TSIG key secret in plain text form. This issue occurs when all of the following conditions are met: You configured a TSIG key in the BIG-IP DNS system. You used one of the following methods to vi...

AI score 6.7
Exploits 0
F5 Networks
added 2023/02/21 6:11 p.m. · 14 views

K03332436: The BIG-IP DNS Configuration utility may erroneously display the TSIG key secret in plain text form

Security Advisory Description The BIG-IP DNS Configuration utility may erroneously display the Transaction Signature TSIG key secret in plain text form. This issue occurs when all of the following conditions are met: You configure a TSIG key in the BIG-IP DNS system. You use the Configuration...

AI score 6.5
Exploits 0
Tenable Nessus
added 2021/10/27 12:0 a.m. · 41 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2021-0137)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, throu...

CVSS 8.6 · AI score 6.7 · EPSS 0.92629
Exploits 6 · References 5
Tenable Nessus
added 2021/07/21 12:0 a.m. · 29 views

EulerOS Virtualization 3.0.2.2 : bind (EulerOS-SA-2021-2127)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Bind-utils contains a collection of utilities for querying DNS Domain Name System name servers to find out information about Intern...

CVSS 8.6 · AI score 6.8 · EPSS 0.92629
Exploits 6 · References 4
Tenable Nessus
added 2021/06/10 12:0 a.m. · 53 views

SUSE SLES11 Security Update : bind (SUSE-SU-2020:14400-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14400-1 advisory. - To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called...

CVSS 8.6 · AI score 6.6 · EPSS 0.92629
Exploits 6 · References 13
Tenable Nessus
added 2021/03/10 12:0 a.m. · 246 views

NewStart CGSL MAIN 4.06 : bind Multiple Vulnerabilities (NS-SA-2021-0003)

The remote NewStart CGSL host, running version MAIN 4.06, has bind packages installed that are affected by multiple vulnerabilities: - Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses th...

CVSS 8.6 · AI score 6.8 · EPSS 0.92629
Exploits 6 · References 4
Tenable Nessus
added 2020/12/09 12:0 a.m. · 27 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2020-0063)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has bind packages installed that are affected by multiple vulnerabilities: - managed-keys is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in...

CVSS 8.6 · AI score 6.4 · EPSS 0.92629
Exploits 6 · References 6
Tenable Nessus
added 2020/11/06 12:0 a.m. · 48 views

EulerOS Virtualization 3.0.6.6 : bind (EulerOS-SA-2020-2444)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker...

CVSS 8.6 · AI score 6.8 · EPSS 0.92629
Exploits 6 · References 3