Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
isc vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-0778
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort...
Uniview Isc 2500-s Firmware
9.8
CVSSv3
CVE-2021-25216
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if th...
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.12
Isc Bind
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.11.27
Isc Bind 9.11.29
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.16.13
Siemens Sinec Infrastructure Network Services
Netapp Cloud Backup -
1 Github repository
1 Article
9.8
CVSSv3
CVE-2017-17974
BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote malicious users to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative...
Basystems Bas920 Firmware 01.01.00
Basystems Isc2000 Firmware 01.01.00
8.6
CVSSv3
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to proce...
Isc Bind
Isc Bind 9.12.4
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.8
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.2
CVSSv3
CVE-2022-2881
The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.
Isc Bind
8.1
CVSSv3
CVE-2020-8625
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid...
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.11.5
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.17.0
Isc Bind 9.17.1
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Siemens Sinec Infrastructure Network Services
Netapp Cloud Backup -
Netapp A250 Firmware -
Netapp 500f Firmware -
7.8
CVSSv3
CVE-2017-3141
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.1...
Isc Bind
Isc Bind 9.3.2
Isc Bind 9.2.6
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2001-0497
dnskeygen in BIND 8.2.4 and previous versions, and dnssec-keygen in BIND 9.1.2 and previous versions, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows malicious users to obtain the keys and perform dynamic D...
Isc Bind
7.5
CVSSv3
CVE-2023-50387
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote malicious users to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows Server 2022 23h2 -
Fedoraproject Fedora 39
Thekelleys Dnsmasq
Nic Knot Resolver
Powerdns Recursor
Isc Bind
Nlnetlabs Unbound
2 Github repositories
2 Articles
7.5
CVSSv3
CVE-2023-4236
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.1...
Isc Bind 9.18.18
Isc Bind
Isc Bind 9.18.11
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »