Filter
AND
BIND 9Description: Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by fl…
7
First published (updated )
BIND 9Client queries that trigger serving stale data and that also require lookups in local authoritative …
7
First published (updated )
BIND 9Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same h…
7
First published (updated )
Isc StorkIncorrect TLS certificate validation can lead to escalated privileges
8.9
First published (updated )
Microsoft Windows Server 2012 x64Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BIND 9Specific recursive query patterns may lead to an out-of-memory condition
7.5
First published (updated )
BIND 9Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution
7.5
First published (updated )
BIND 9Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled
7.5
First published (updated )
BIND 9Parsing large DNS messages may cause excessive CPU load
7.5
First published (updated )
ubuntu/bind9named may terminate unexpectedly under high DNS-over-TLS query load
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BIND 9A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly
7.5
First published (updated )
BIND 9Malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled
7.5
First published (updated )
ubuntu/bind9Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0
7.5
First published (updated )
ubuntu/bind9named's configured cache size limit can be significantly exceeded
7.5
First published (updated )
BIND 9named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BIND 9named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota
7.5
First published (updated )
BIND 9named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries
7.5
First published (updated )
BIND 9An UPDATE message flood may cause named to exhaust all available memory
7.5
First published (updated )
BIND 9Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only)
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BIND 9BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
7.5
First published (updated )
BIND 9Destroying a TLS session early causes assertion failure
7.5
First published (updated )
NetApp Baseboard Management Controller FirmwareVersions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific quer…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
NetApp Baseboard Management Controller FirmwareAssertion failure on delayed DS lookup
7.5
First published (updated )
BIND 9A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use
7.5
First published (updated )
ISC DHCP ServerA buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient
8.8
First published (updated )
BIND 9An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
7.5
First published (updated )
BIND 9ISC BIND TKEY Query Heap-based Buffer Overflow Remote Code Execution Vulnerability
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.