Isc Bind

67 CVEs affecting Isc Bind. Latest disclosed: 2026-05-20. Critical: 0, High: 16.

Top CVEs affecting Isc Bind
CVESeverityScorePublishedSummary
CVE-2016-1286High8.62016-03-09named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via…
CVE-2026-5947High7.52026-05-20Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it b…
CVE-2026-5946High7.52026-05-20Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, o…
CVE-2026-3039High7.52026-05-20BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processi…
CVE-2026-3104High7.52026-03-25A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 thro…
CVE-2026-1519High7.52026-03-25If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only server…
CVE-2022-0635High7.52022-03-23Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a f…
CVE-2022-0667High7.52022-03-22When the vulnerability is triggered the BIND process will exit. BIND 9.18.0
CVE-2016-9444High7.52017-01-12named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion fai…
CVE-2016-9147High7.52017-01-12named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a r…
CVE-2016-9131High7.52017-01-12named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion fai…
CVE-2016-8864High7.52016-11-02named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion fai…
CVE-2016-2848High7.52016-10-21ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malform…
CVE-2016-2776High7.52016-09-28buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remot…
CVE-2026-3593High7.42026-05-20A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21…
CVE-2015-8705High7.02016-01-20buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion f…
CVE-2021-25220Medium6.82022-03-23BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 e…
CVE-2016-2088Medium6.82016-03-09resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion f…
CVE-2016-1285Medium6.82016-03-09named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote…
CVE-2026-3119Medium6.52026-03-25Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an inco…