Vulnerabilities in ISC
107 resultsCVE-2024-4076HIGHAssertion failure when serving both stale cache data and authoritative zone contentEPSS 2.1%CVE-2020-8619MEDIUMA buffer boundary check assertion in rdataset.c can fail incorrectly during zone transferEPSS 2.1%CVE-2022-38178HIGHMemory leaks in EdDSA DNSSEC verification codeEPSS 2.1%CVE-2019-6469MEDIUMBIND Supported Preview Edition can exit with an assertion failure if ECS is in useEPSS 1.9%CVE-2018-5739MEDIUMFailure to release memory may exhaust system resourcesEPSS 1.9%CVE-2020-8618MEDIUMA buffer boundary check assertion in rdataset.c can fail incorrectly during zone transferEPSS 1.8%CVE-2026-3593HIGHHeap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementationEPSS 1.6%CVE-2022-2906HIGHMemory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only)EPSS 1.6%CVE-2022-3080HIGHBIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedlyEPSS 1.5%CVE-2022-2795MEDIUMProcessing large delegations may severely degrade resolver performanceEPSS 1.4%CVE-2017-3141HIGHWindows service and uninstall paths are not quoted when BIND is installedEPSS 1.4%CVE-2023-4408HIGHParsing large DNS messages may cause excessive CPU loadEPSS 1.3%CVE-2022-0667HIGHAssertion failure on delayed DS lookupEPSS 1.3%CVE-2022-0635HIGHVersions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually tEPSS 1.3%CVE-2019-6475MEDIUMA flaw in mirror zone validity checking can allow zone data to be spoofedEPSS 1.3%CVE-2023-5679HIGHEnabling both DNS64 and serve-stale may cause an assertion failure during recursive resolutionEPSS 1.2%CVE-2023-5517HIGHQuerying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabledEPSS 1.2%CVE-2026-5947HIGHSIG(0) validation during query flood may lead to undefined behaviorEPSS 1.2%CVE-2023-6516HIGHSpecific recursive query patterns may lead to an out-of-memory conditionEPSS 1.1%CVE-2026-3608HIGHStack overflow in Kea daemonsEPSS 1.1%