cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4076,https://securityvulnerability.io/vulnerability/CVE-2024-4076,Stale Data and Assertion Failures in BIND 9 Versions,"This vulnerability in BIND 9 arises from a failure in handling client queries that can trigger the serving of stale data. In scenarios where local authoritative zone data is required for lookups, the issue may lead to an assertion failure. This poses a significant concern for users relying on BIND 9 for DNS services. Versions of BIND 9 affected include a range from 9.11.x to 9.19.x, necessitating immediate attention to prevent potential disruptions in service.",Isc,Bind 9,7.5,HIGH,0.00044999999227002263,false,,true,false,true,2025-02-13T18:19:10.000Z,,false,false,,2024-07-23T14:40:57.256Z,0
CVE-2024-1975,https://securityvulnerability.io/vulnerability/CVE-2024-1975,Excessive CPU Usage for DNSSEC-Validated 'KEY' Resource Records in BIND 9,"A resource exhaustion vulnerability exists in BIND 9 software that can be exploited when a server hosts a zone containing a 'KEY' Resource Record, or when a resolver DNSSEC-validates a 'KEY' Resource Record from a DNSSEC-signed domain cached. Attackers can overwhelm resolver CPU resources with a continuous stream of SIG(0) signed requests, potentially leading to a denial of service condition. This affects multiple versions of BIND 9, including those from the 9.0.0 series to the latest releases.",Isc,Bind 9,7.5,HIGH,0.00044999999227002263,false,,false,false,true,2025-02-13T18:17:40.000Z,,false,false,,2024-07-23T14:38:57.143Z,0
CVE-2024-1737,https://securityvulnerability.io/vulnerability/CVE-2024-1737,Degraded Performance in BIND Due to Large DNS Caches,"This vulnerability affects the BIND DNS server, specifically targeting its resolver caches and authoritative zone databases. When these components hold a substantial number of Resource Records (RRs) for a single hostname, they may experience degraded performance. This can occur both during updates or additions of content and when handling client queries. The affected versions of BIND are known to struggle with such scenarios, potentially affecting the overall efficiency of DNS resolution and impacting service availability.",Isc,Bind 9,7.5,HIGH,0.00044999999227002263,false,,true,false,true,2025-02-13T18:17:39.000Z,,false,false,,2024-07-23T14:34:09.750Z,0
CVE-2024-0760,https://securityvulnerability.io/vulnerability/CVE-2024-0760,DNS Server Unstable During Malicious DNS Message Flood,"The vulnerability CVE-2024-0760 affects the DNS server and can cause it to become unstable during a flood of malicious DNS messages over TCP. It impacts BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1. This vulnerability could lead to a denial of service and has been exploited in the wild. Ubuntu has released updated packages to fix the issue, and it is recommended for affected systems to update promptly.",Isc,Bind 9,7.5,HIGH,0.00044999999227002263,false,,true,false,true,2025-02-13T18:17:33.000Z,,false,false,,2024-07-23T14:26:54.983Z,0
CVE-2024-12705,https://securityvulnerability.io/vulnerability/CVE-2024-12705,Denial of Service Vulnerability in BIND 9 by ISC,"A vulnerability exists in BIND 9 that allows clients utilizing DNS-over-HTTPS (DoH) to overload a DNS resolver's CPU and memory. Attackers can exploit this by sending a flood of crafted HTTP/2 traffic, whether valid or invalid, which can result in a significant degradation of service performance. This issue affects multiple versions of BIND 9, necessitating prompt attention from users to mitigate potential risks.",Isc,Bind 9,7.5,HIGH,0.0004299999854993075,false,,false,false,true,2025-01-29T21:40:27.839Z,false,false,false,,2025-01-29T21:40:27.839Z,130
CVE-2024-11187,https://securityvulnerability.io/vulnerability/CVE-2024-11187,Resource Exhaustion Vulnerability in BIND 9 by ISC,"A resource exhaustion vulnerability exists in BIND 9 that can be exploited through specially crafted DNS zones. Attackers can generate numerous query responses that overwhelm both authoritative servers and resolvers, leading to high resource consumption. This can disrupt DNS services and degrade server performance. System administrators are advised to review their DNS configurations and apply necessary mitigations to safeguard their systems from potential exploitation caused by this vulnerability.",Isc,Bind 9,7.5,HIGH,0.0004299999854993075,false,,true,false,true,2025-01-29T21:40:11.942Z,false,false,false,,2025-01-29T21:40:11.942Z,451