Vulnerabilidades en ISC
107 resultadosCVE-2020-8617HIGHA logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.cEPSS 93.4%CVE-2021-25216HIGHA second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attackEPSS 83.4%CVE-2017-3144MEDIUMFailure to properly clean up closed OMAPI connections can exhaust available socketsEPSS 72.7%CVE-2020-8625HIGHA vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attackEPSS 64.2%CVE-2018-5740HIGHA flaw in the "deny-answer-aliases" feature can cause an assertion failure in namedEPSS 59.4%CVE-2022-3736HIGHnamed configured to answer from stale cache may terminate unexpectedly while processing RRSIG queriesEPSS 50.2%CVE-2017-3145HIGHImproper fetch cleanup sequencing in the resolver can cause named to crashEPSS 27.9%CVE-2018-5733MEDIUMA malicious client can overflow a reference counter in ISC dhcpdEPSS 20.2%CVE-2022-3488HIGHnamed may terminate unexpectedly when processing ECS options in repeated responses to iterative queriesEPSS 19.0%CVE-2017-3143HIGHAn error in TSIG authentication can permit unauthorized dynamic updatesEPSS 18.2%CVE-2022-3924HIGHnamed configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quotaEPSS 17.3%CVE-2017-3135HIGHCombination of DNS64 and RPZ Can Lead to CrashEPSS 17.1%CVE-2024-12705HIGHDNS-over-HTTPS implementation suffers from multiple issues under heavy query loadEPSS 15.7%CVE-2024-11187HIGHMany records in the additional section cause CPU exhaustionEPSS 14.3%CVE-2022-3094HIGHAn UPDATE message flood may cause named to exhaust all available memoryEPSS 13.1%CVE-2017-3140LOWAn error processing RPZ rules can cause named to loop endlessly after handling a queryEPSS 12.1%CVE-2021-25215HIGHAn assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itselfEPSS 11.3%CVE-2017-3136MEDIUMAn error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"EPSS 11.1%CVE-2018-5738MEDIUMSome versions of BIND can improperly permit recursive query service to unauthorized clientsEPSS 11.1%CVE-2025-8677HIGHResource exhaustion via malformed DNSKEY handlingEPSS 11.0%