Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ISC — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting ISC. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ISC, primarily known for its Internet Systems Consortium software including BIND DNS and DHCP servers, serves as critical infrastructure for global name resolution and network configuration. With 101 recorded CVEs, the project has historically faced diverse security challenges, ranging from remote code execution and buffer overflows to cross-site scripting and privilege escalation vulnerabilities. These flaws often stem from complex parsing logic or improper input validation within the core networking daemons. Notable incidents include critical DNS cache poisoning risks and denial-of-service vectors that have prompted urgent patches across major distributions. The high volume of vulnerabilities reflects the software’s pervasive deployment and the rigorous scrutiny applied to its codebase. While ISC maintains an active security response process, the sheer number of disclosed issues highlights the inherent complexity of maintaining foundational internet protocols. Continuous updates remain essential for administrators relying on these tools to ensure network stability and integrity against evolving threat landscapes.

Found 23 results / 101Clear Filters
Top products by ISC: BIND 9 BIND9 Kea ISC DHCP BIND BIND 9 Supported Preview Edition Stork Kea DHCP
CVE IDTitleCVSSSeverityPublished
CVE-2022-3080 BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly — BIND9 7.5 High2022-09-21
CVE-2022-38178 Memory leaks in EdDSA DNSSEC verification code — BIND9 7.5 High2022-09-21
CVE-2022-38177 Memory leak in ECDSA DNSSEC verification code — BIND9 7.5 High2022-09-21
CVE-2022-2906 Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only) — BIND9 7.5 High2022-09-21
CVE-2022-2881 Buffer overread in statistics channel code — BIND9 5.5 Medium2022-09-21
CVE-2022-2795 Processing large delegations may severely degrade resolver performance — BIND9 5.3 Medium2022-09-21
CVE-2022-1183 Destroying a TLS session early causes assertion failure — BIND9 7.5 High2022-05-19
CVE-2021-25219 Lame cache can be abused to severely degrade resolver performance — BIND9 5.3 Medium2021-10-27
CVE-2021-25218 A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use — BIND9 7.5 High2021-08-18
CVE-2021-25216 A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack — BIND9 8.1 High2021-04-29
CVE-2021-25215 An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself — BIND9 7.5 High2021-04-29
CVE-2021-25214 A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly — BIND9 6.5 Medium2021-04-29
CVE-2020-8625 A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack — BIND9 8.1 High2021-02-17
CVE-2020-8624 update-policy rules of type "subdomain" are enforced incorrectly — BIND9 4.3 Medium2020-08-21
CVE-2020-8623 A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c — BIND9 7.5 High2020-08-21
CVE-2020-8622 A truncated TSIG response can lead to an assertion failure — BIND9 6.5 Medium2020-08-21
CVE-2020-8621 Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c — BIND9 7.5 High2020-08-21
CVE-2020-8620 Internet Systems Consortium BIND server 安全漏洞 — BIND9 7.5 High2020-08-21
CVE-2020-8619 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer — BIND9 4.9 Medium2020-06-17
CVE-2020-8618 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer — BIND9 4.9 Medium2020-06-17
CVE-2020-8617 A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c — BIND9 7.5 High2020-05-19
CVE-2020-8616 BIND does not sufficiently limit the number of fetches performed when processing referrals — BIND9 8.6 High2020-05-19
CVE-2019-6477 TCP-pipelined queries can bypass tcp-clients limit — BIND9 7.5 High2019-11-26

This page lists every published CVE security advisory associated with ISC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.