Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
isc vulnerabilities and exploits
(subscribe to this query)
358
VMScore
CVE-2018-5741
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when...
Isc Bind
445
VMScore
CVE-2018-5734
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all o...
Isc Bind 9.10.6
Isc Bind 9.10.5
Netapp Solidfire Element Os Management Node -
Netapp Data Ontap Edge -
312
VMScore
CVE-2018-5736
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to ca...
Isc Bind 9.12.0
Isc Bind 9.12.1
Netapp Data Ontap Edge -
Netapp Cloud Backup -
446
VMScore
CVE-2018-5738
Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended (and documented) behavior is that if an operator has not spec...
Isc Bind 9.10.7
Isc Bind 9.12.0
Isc Bind 9.12.1
Isc Bind 9.11.3
Isc Bind 9.13.0
Isc Bind 9.9.12
Canonical Ubuntu Linux 18.04
725
VMScore
CVE-2017-3141
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.1...
Isc Bind
Isc Bind 9.3.2
Isc Bind 9.2.6
1 EDB exploit
1 Github repository
385
VMScore
CVE-2017-3140
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
Isc Bind 9.9.10
Isc Bind 9.10.5
Isc Bind
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Data Ontap Edge -
445
VMScore
CVE-2017-17974
BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote malicious users to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative...
Basystems Bas920 Firmware 01.01.00
Basystems Isc2000 Firmware 01.01.00
385
VMScore
CVE-2016-2088
resolver.c in named in ISC BIND 9.10.x prior to 9.10.3-P4, when DNS cookies are enabled, allows remote malicious users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.
Isc Bind 9.10.3
Isc Bind 9.10.2
Isc Bind 9.10.1
Isc Bind 9.10.0
632
VMScore
CVE-2016-2774
ISC DHCP 4.1.x prior to 4.1-ESV-R13 and 4.2.x and 4.3.x prior to 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote malicious users to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
Isc Dhcp 4.1-esv
Isc Dhcp 4.1.0
Isc Dhcp 4.1.1
Isc Dhcp 4.1.2
Isc Dhcp 4.2.0
Isc Dhcp 4.2.1
Isc Dhcp 4.2.2
Isc Dhcp 4.2.3
Isc Dhcp 4.2.4
Isc Dhcp 4.2.5
Isc Dhcp 4.2.6
Isc Dhcp 4.2.7
Isc Dhcp 4.2.8
Isc Dhcp 4.3.0
Isc Dhcp 4.3.1
Isc Dhcp 4.3.2
Isc Dhcp 4.3.3
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
231
VMScore
CVE-2016-1284
rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S prior to 9.9.8-S5, when nxdomain-redirect is enabled, allows remote malicious users to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query.
Isc Bind 9.9.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »