Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ISC — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting ISC. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ISC, primarily known for its Internet Systems Consortium software including BIND DNS and DHCP servers, serves as critical infrastructure for global name resolution and network configuration. With 101 recorded CVEs, the project has historically faced diverse security challenges, ranging from remote code execution and buffer overflows to cross-site scripting and privilege escalation vulnerabilities. These flaws often stem from complex parsing logic or improper input validation within the core networking daemons. Notable incidents include critical DNS cache poisoning risks and denial-of-service vectors that have prompted urgent patches across major distributions. The high volume of vulnerabilities reflects the software’s pervasive deployment and the rigorous scrutiny applied to its codebase. While ISC maintains an active security response process, the sheer number of disclosed issues highlights the inherent complexity of maintaining foundational internet protocols. Continuous updates remain essential for administrators relying on these tools to ensure network stability and integrity against evolving threat landscapes.

Found 54 results / 101Clear Filters
Top products by ISC: BIND 9 BIND9 Kea ISC DHCP BIND BIND 9 Supported Preview Edition Stork Kea DHCP
CVE IDTitleCVSSSeverityPublished
CVE-2022-3094 An UPDATE message flood may cause named to exhaust all available memory — BIND 9 7.5 High2023-01-25
CVE-2019-6476 An error in QNAME minimization code can cause BIND to exit with an assertion failure — BIND 9 5.9 Medium2019-10-17
CVE-2019-6475 A flaw in mirror zone validity checking can allow zone data to be spoofed — BIND 9 5.9 Medium2019-10-17
CVE-2019-6471 A race condition when discarding malformed packets can cause BIND to exit with an assertion failure — BIND 9 5.9 -2019-10-09
CVE-2018-5743 Limiting simultaneous TCP clients was ineffective — BIND 9--2019-10-09
CVE-2018-5744 A specially crafted packet can cause named to leak memory — BIND 9 7.5 -2019-10-09
CVE-2018-5745 An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys — BIND 9 4.9 -2019-10-09
CVE-2019-6467 An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c — BIND 9 5.9 -2019-10-09
CVE-2019-6465 Zone transfer controls for writable DLZ zones were not effective — BIND 9 5.3 -2019-10-09
CVE-2017-3135 Combination of DNS64 and RPZ Can Lead to Crash — BIND 9 5.9 -2019-01-16
CVE-2017-3136 An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" — BIND 9 5.9 -2019-01-16
CVE-2017-3137 A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME — BIND 9 7.5 -2019-01-16
CVE-2017-3138 named exits with a REQUIRE assertion failure if it receives a null command string on its control channel — BIND 9 5.3 -2019-01-16
CVE-2017-3140 An error processing RPZ rules can cause named to loop endlessly after handling a query — BIND 9 7.5 -2019-01-16
CVE-2017-3141 Windows service and uninstall paths are not quoted when BIND is installed — BIND 9 7.8 -2019-01-16
CVE-2017-3142 An error in TSIG authentication can permit unauthorized zone transfers — BIND 9 3.7 -2019-01-16
CVE-2017-3143 An error in TSIG authentication can permit unauthorized dynamic updates — BIND 9 5.9 -2019-01-16
CVE-2017-3145 Improper fetch cleanup sequencing in the resolver can cause named to crash — BIND 9 7.5 -2019-01-16
CVE-2018-5734 A malformed request can trigger an assertion failure in badcache.c — BIND 9 7.5 -2019-01-16
CVE-2018-5737 BIND 9.12's serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled. — BIND 9 7.5 -2019-01-16
CVE-2018-5738 Some versions of BIND can improperly permit recursive query service to unauthorized clients — BIND 9 7.5 -2019-01-16
CVE-2018-5740 A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named — BIND 9 7.5 -2019-01-16
CVE-2018-5741 Update policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentation — BIND 9 2.7 -2019-01-16
CVE-2016-9778 An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c — BIND 9 5.9 -2019-01-16

This page lists every published CVE security advisory associated with ISC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.