Vulnerabilidades em ISC
107 resultadosCVE-2023-2828HIGHnamed's configured cache size limit can be significantly exceededEPSS 3.8%CVE-2019-6465MEDIUMZone transfer controls for writable DLZ zones were not effectiveEPSS 3.7%CVE-2020-8620HIGHIn BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection EPSS 3.7%CVE-2020-8624MEDIUMupdate-policy rules of type "subdomain" are enforced incorrectlyEPSS 3.6%CVE-2021-25218HIGHA too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in useEPSS 3.6%CVE-2018-5741MEDIUMUpdate policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentationEPSS 3.5%CVE-2018-5744HIGHA specially crafted packet can cause named to leak memoryEPSS 3.4%CVE-2019-6471MEDIUMA race condition when discarding malformed packets can cause BIND to exit with an assertion failureEPSS 3.3%CVE-2021-25220MEDIUMDNS forwarders - cache poisoning vulnerabilityEPSS 3.3%CVE-2020-8621HIGHAttempting QNAME minimization after forwarding can lead to an assertion failure in resolver.cEPSS 2.9%CVE-2019-6476MEDIUMAn error in QNAME minimization code can cause BIND to exit with an assertion failureEPSS 2.9%CVE-2023-3341HIGHA stack exhaustion flaw in control channel code may cause named to terminate unexpectedlyEPSS 2.6%CVE-2022-0396MEDIUMDoS from specifically crafted TCP packetsEPSS 2.6%CVE-2023-2911HIGHExceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0EPSS 2.6%CVE-2019-6468MEDIUMBIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is usedEPSS 2.5%CVE-2018-5745MEDIUMAn assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keysEPSS 2.3%CVE-2022-38177HIGHMemory leak in ECDSA DNSSEC verification codeEPSS 2.2%CVE-2023-4236HIGHnamed may terminate unexpectedly under high DNS-over-TLS query loadEPSS 2.1%CVE-2024-1975HIGHSIG(0) can be used to exhaust CPU resourcesEPSS 2.1%CVE-2024-1737HIGHBIND's database will be slow if a very large number of RRs exist at the same nameEPSS 2.1%