High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-21	CVE-2022-3080	By sending specific queries to the resolver, an attacker can cause named to crash. network low complexity isc fedoraproject	7.5
2022-05-19	CVE-2022-1183	Reachable Assertion vulnerability in multiple products On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. network low complexity isc netapp CWE-617	7.5
2022-03-23	CVE-2022-0635	Reachable Assertion vulnerability in multiple products Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check. network low complexity isc netapp CWE-617	7.5
2022-03-22	CVE-2022-0667	Reachable Assertion vulnerability in multiple products When the vulnerability is triggered the BIND process will exit. network low complexity isc netapp CWE-617	7.5
2021-08-18	CVE-2021-25218	Reachable Assertion vulnerability in multiple products In BIND 9.16.19, 9.17.16. network low complexity isc fedoraproject CWE-617	7.5
2021-04-29	CVE-2021-25215	Reachable Assertion vulnerability in multiple products In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. network low complexity debian isc fedoraproject netapp oracle siemens CWE-617	7.5
2021-02-17	CVE-2020-8625	Classic Buffer Overflow vulnerability in multiple products BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. network high complexity isc debian fedoraproject siemens netapp CWE-120	8.1
2020-08-21	CVE-2020-8623	Reachable Assertion vulnerability in multiple products In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. network low complexity isc fedoraproject opensuse debian canonical synology netapp CWE-617	7.5
2020-08-21	CVE-2020-8621	Reachable Assertion vulnerability in multiple products In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. network low complexity isc opensuse canonical synology netapp CWE-617	7.5
2020-08-21	CVE-2020-8620	Reachable Assertion vulnerability in multiple products In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. network low complexity isc opensuse netapp canonical CWE-617	7.5