Vulnerabilities > ISC
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-05 | CVE-2013-5661 | Authentication Bypass by Spoofing vulnerability in multiple products Cache Poisoning issue exists in DNS Response Rate Limiting. | 2.6 |
| 2019-11-01 | CVE-2019-6470 | There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. | 5.0 |
| 2019-10-30 | CVE-2018-5742 | Reachable Assertion vulnerability in ISC Bind 9.9.465/9.9.472 While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. | 7.5 |
| 2019-10-17 | CVE-2019-6476 | Reachable Assertion vulnerability in ISC Bind A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. | 7.5 |
| 2019-10-17 | CVE-2019-6475 | Insufficient Verification of Data Authenticity vulnerability in ISC Bind Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. | 7.5 |
| 2019-10-16 | CVE-2019-6474 | Missing Release of Resource after Effective Lifetime vulnerability in ISC KEA 1.4.0/1.5.0/1.6.0 A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. | 6.1 |
| 2019-10-16 | CVE-2019-6472 | Reachable Assertion vulnerability in ISC KEA 1.4.0/1.5.0/1.6.0 A packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit due to an assertion failure. | 3.3 |
| 2019-10-09 | CVE-2019-6471 | Reachable Assertion vulnerability in multiple products A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. | 5.9 |
| 2019-10-09 | CVE-2019-6469 | Reachable Assertion vulnerability in ISC Bind 9.10.5/9.11.6 An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. | 7.5 |
| 2019-10-09 | CVE-2019-6468 | Reachable Assertion vulnerability in ISC Bind 9.10.5/9.11.5 In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. | 5.0 |