Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

CLSA-2026-1777614493 ansible: Fix of CVE-2019-14904

CVE-2019-14904: validate solariszone name to prevent command injection...

OESA-2026-2062 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

OESA-2026-2058 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

RLSA-2026:8312 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

UBUNTU-CVE-2025-25188

Hickory DNS is a Rust based DNS client, server, and resolver. A vulnerability present starting in version 0.8.0 and prior to versions 0.24.3 and 0.25.0-alpha.5 impacts Hickory DNS users relying on DNSSEC verification in the client library, stub resolver, or recursive resolver. The DNSSEC validati...

CVE-2025-22216

CVE-2025-22216 affects CloudFoundry UAA (multi-identity-zone configuration). The issue is improper validation of session information across zones, allowing a user authenticated against a corporate IDP to reuse a jsessionid to access other zones. Affected releases include UAA up to 77.20.1, 77.24....

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

Mitel ShoreTel conferencing component cross-site scripting vulnerability

Mitel Connect Mitel ShoreTel is a software for office communication from Mitel Canada. The software provides access to corporate contacts, support for selecting contacts to open meetings, and an interface to manage calls and voicemail. A cross-site scripting vulnerability exists in the conferenci...

CVE-2020-28351

The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack via the PATHINFO to index.php due to insufficient validation for the timezone object in the HOMEMEETING& page...

CVE-2019-1220

A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'...