Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
isc bind 9.10.5 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-6468
In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Ver...
Isc Bind 9.10.5
Isc Bind 9.11.5
7.5
CVSSv3
CVE-2019-6469
An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.
Isc Bind 9.10.5
Isc Bind 9.11.6
5.9
CVSSv3
CVE-2017-3140
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
Isc Bind
Isc Bind 9.9.10
Isc Bind 9.10.5
Netapp Data Ontap Edge -
Netapp Element Software -
Netapp Oncommand Balance -
8.6
CVSSv3
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to proce...
Isc Bind
Isc Bind 9.12.4
Isc Bind 9.9.3
Isc Bind 9.10.5
Isc Bind 9.10.7
Isc Bind 9.11.3
Isc Bind 9.11.5
Isc Bind 9.11.6
Isc Bind 9.11.7
Isc Bind 9.11.8
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2018-5734
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all o...
Isc Bind 9.10.5
Isc Bind 9.10.6
Netapp Data Ontap Edge -
Netapp Solidfire Element Os Management Node -
5.3
CVSSv3
CVE-2017-3138
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some...
Isc Bind 9.9.9
Isc Bind 9.9.10
Isc Bind 9.10.4
Isc Bind 9.10.5
Isc Bind 9.11.0
Isc Bind 9.11.1
Netapp Data Ontap Edge -
Netapp Element Software -
Netapp Oncommand Balance -
Debian Debian Linux 8.0
5.3
CVSSv3
CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
Isc Bind
Isc Bind 9.9.3
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.10.5
Isc Bind 9.10.7
Isc Bind 9.11.3
Isc Bind 9.11.5
Isc Bind 9.11.6
Isc Bind 9.11.7
Isc Bind 9.11.8
Isc Bind 9.11.12
7.5
CVSSv3
CVE-2022-38177
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Isc Bind
Isc Bind 9.9.3
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.10.5
Isc Bind 9.10.7
Isc Bind 9.11.3
Isc Bind 9.11.5
Isc Bind 9.11.6
Isc Bind 9.11.7
Isc Bind 9.11.8
Isc Bind 9.11.12
7.5
CVSSv3
CVE-2023-3341
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of avai...
Isc Bind
Isc Bind 9.9.3
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.10.5
Isc Bind 9.10.7
Isc Bind 9.11.3
Isc Bind 9.11.4
Isc Bind 9.11.5
Isc Bind 9.11.6
Isc Bind 9.11.7
Isc Bind 9.11.8
1 Github repository
5.9
CVSSv3
CVE-2020-8617
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whos...
Isc Bind
Isc Bind 9.12.4
Isc Bind 9.9.3
Isc Bind 9.10.5
Isc Bind 9.10.7
Isc Bind 9.11.3
Isc Bind 9.11.5
Isc Bind 9.11.6
Isc Bind 9.11.7
Isc Bind 9.11.8
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-21317
CVE-2025-23940
buffer overflow
CVE-2025-21335
CVE-2025-23860
CVE-2024-57704
SSTI
wireless
CVE-2019-3309
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »