cbcvebase.

Isc Bind vulnerabilities

195 known vulnerabilities affecting isc/bind.

Total CVEs
195
CISA KEV
0
Public exploits
16
Exploited in wild
4
Severity breakdown
CRITICAL9HIGH100MEDIUM80LOW6

Vulnerabilities

Page 3 of 10
CVE-2012-4244P3HIGHCVSS 7.8v9.0v9.0.0+53 more2012-09-14
CVE-2012-4244 [HIGH] CVE-2012-4244: ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
nvd
CVE-2025-40775P3HIGHCVSS 7.5≥ 0, < 9.18.37-r0≥ 0, < 9.20.9-r02025-05-21
CVE-2025-40775 [HIGH] CVE-2025-40775: When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7.
osv
CVE-2018-5738P3HIGHCVSS 7.5v9.9.12v9.10.7+4 more2019-01-16
CVE-2018-5738 [HIGH] CWE-200 CVE-2018-5738: Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issu Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended (and documented) behavior is that if an operator has not specified a value for the "allow-recursion" setting, it SHOULD default to one o
nvd
CVE-2012-5166P3HIGHCVSS 7.8v9.0v9.0.0+52 more2012-10-10
CVE-2012-5166 [HIGH] CWE-189 CVE-2012-5166: ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
nvd
CVE-2012-3817P3HIGHCVSS 7.8v9.4v9.4.0+26 more2012-07-25
CVE-2012-3817 [HIGH] CWE-20 CVE-2012-3817: ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.
nvd
CVE-2012-1667P3HIGHCVSS 8.5v9.0v9.0.0+49 more2012-06-05
CVE-2012-1667 [HIGH] CWE-189 CVE-2012-1667: ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafte
nvd
CVE-2025-40776P3HIGHCVSS 8.6≥ 0, < 9.20.11-r02025-07-16
CVE-2025-40776 [HIGH] CVE-2025-40776: A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.
osv
CVE-2016-2848P3HIGHCVSS 7.5v9.1v9.1.0+53 more2016-10-21
CVE-2016-2848 [HIGH] CWE-20 CVE-2016-2848: ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.
nvd
CVE-2016-9147P3HIGHCVSS 7.5v9.9.9v9.10.4+1 more2017-01-12
CVE-2016-9147 [HIGH] CWE-20 CVE-2016-9147: named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a de named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.
nvd
CVE-2016-9444P3HIGHCVSS 7.5v9.0v9.0.0+58 more2017-01-12
CVE-2016-9444 [HIGH] CWE-20 CVE-2016-9444: named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows r named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.
nvd
CVE-2020-8623P3HIGHCVSS 7.5≥ 9.10.0, ≤ 9.11.21≥ 9.12.1, ≤ 9.16.5+3 more2020-08-21
CVE-2020-8623 [HIGH] CWE-617 CVE-2020-8623: In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signin
nvd
CVE-2023-3341P3HIGHCVSS 7.5≥ 9.2.0, < 9.16.44≥ 9.18.0, < 9.18.19+29 more2023-09-20
CVE-2023-3341 [HIGH] CWE-787 CVE-2023-3341: The code that processes control channel messages sent to `named` calls certain functions recursively The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each i
nvdosv
CVE-2016-6170P3MEDIUMCVSS 6.5≥ 9.0, ≤ 9.9.8≥ 9.10.0, ≤ 9.10.3+3 more2016-07-06
CVE-2016-6170 [MEDIUM] CWE-20 CVE-2016-6170: ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denia
nvd
CVE-2026-1519P3HIGHCVSS 7.5≥ 9.11.0, ≤ 9.16.50≥ 9.18.0, < 9.18.47+2 more2026-03-25
CVE-2026-1519 [HIGH] CWE-606 CVE-2026-1519: If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the re If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-qu
nvdosv
CVE-2007-2926P4MEDIUMCVSS 4.3PoCv9.0v9.1+5 more2007-07-24
CVE-2007-2926 [MEDIUM] CVE-2007-2926: ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids wh ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
nvd
CVE-2026-3039P3HIGHCVSS 7.5≥ 9.0.0, ≤ 9.16.50≥ 9.18.0, < 9.18.49+2 more2026-05-20
CVE-2026-3039 [HIGH] CWE-771 CVE-2026-3039: BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions
nvd
CVE-2024-0760P3HIGHCVSS 7.5≥ 0, < 9.18.31-r0≥ 0, < 9.18.28-r02024-07-23
CVE-2024-0760 [HIGH] CVE-2024-0760: A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1
osv
CVE-2000-0887P4MEDIUMCVSS 5.0PoCv8.2.22000-12-19
CVE-2000-0887 [MEDIUM] CVE-2000-0887: named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
nvd
CVE-2017-3143P3MEDIUMCVSS 5.9≥ 9.4.0, ≤ 9.8.8≥ 9.9.0, ≤ 9.9.10+7 more2019-01-16
CVE-2017-3143 [MEDIUM] CVE-2017-3143: An attacker who is able to send and receive messages to an authoritative DNS server and who has know An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S
nvd
CVE-2018-5743P3HIGHCVSS 7.5≥ 9.9.0, ≤ 9.10.8≥ 9.11.0, ≤ 9.11.6+6 more2019-10-09
CVE-2018-5743 [HIGH] CWE-770 CVE-2018-5743: By design, BIND is intended to limit the number of TCP clients that can be connected at any given ti By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be e
nvd