internet systems consortium

Top products

The 15 most recently published vulnerabilities affecting internet systems consortium.

• CVE-2025-11232Invalid characters cause assert7.5Oct 29, 2025
• CVE-2025-40780Cache poisoning due to weak PRNG8.6Oct 22, 2025
• CVE-2025-40778Cache poisoning attacks with unsolicited RRs8.6Oct 22, 2025
• CVE-2025-8677Resource exhaustion via malformed DNSKEY handling7.5Oct 22, 2025
• CVE-2025-40779Kea crash upon interaction between specific client options and subnet selection7.5Aug 27, 2025
• CVE-2025-32803Insecure file permissions can result in confidential information leakage4.0May 28, 2025
• CVE-2025-32802Insecure handling of file paths allows multiple local attacks6.1May 28, 2025
• CVE-2025-32801Loading a malicious hook library can lead to local privilege escalation7.8May 28, 2025
• CVE-2024-12705DNS-over-HTTPS implementation suffers from multiple issues under heavy query load7.5Jan 29, 2025
• CVE-2024-11187Many records in the additional section cause CPU exhaustion7.5Jan 29, 2025
• CVE-2024-4076Assertion failure when serving both stale cache data and authoritative zone content7.5Jul 23, 2024
• CVE-2024-1975SIG(0) can be used to exhaust CPU resources7.5Jul 23, 2024
• CVE-2024-1737BIND's database will be slow if a very large number of RRs exist at the same name7.5Jul 23, 2024
• CVE-2024-0760A flood of DNS messages over TCP may make the server unstable7.5Jul 23, 2024
• CVE-2023-50868The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) v...7.5Feb 14, 2024