ISC BIND 9.10.1
Approved changes feed: RSS · Atom
cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*
part: a version: 9.10.1 update: *
| Vendor | Isc (4a2f2b37-98b6-5702-822d-72afcd17d050) |
|---|---|
| Product | Bind (ea404969-e27c-5a4f-ab6f-da9eff8fdf08) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.769778 |
pkg:gitlab/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.769780 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-9444 |
vulnerable | 2026-06-03 14:36:16.717779 |
Details available
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.
Published: 2017-01-12T06:06:00.000Z
Updated: 2024-08-06T02:50:38.365Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-2776 |
vulnerable | 2026-06-03 14:35:43.666817 |
Details available
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Published: 2016-09-28T10:00:00.000Z
Updated: 2024-08-05T23:32:20.918Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-2088 |
vulnerable | 2026-06-03 14:35:36.641125 |
Details available
resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.
Published: 2016-03-09T23:00:00.000Z
Updated: 2024-08-05T23:17:50.701Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8705 |
vulnerable | 2026-06-03 14:35:12.739057 |
Details available
buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option.
Published: 2016-01-20T15:00:00.000Z
Updated: 2024-08-06T08:29:21.425Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8704 |
vulnerable | 2026-06-03 14:35:12.734347 |
Details available
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
Published: 2016-01-20T15:00:00.000Z
Updated: 2024-08-06T08:29:20.879Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8461 |
vulnerable | 2026-06-03 14:35:12.004383 |
Details available
Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.
Published: 2015-12-16T15:00:00.000Z
Updated: 2024-08-06T08:20:41.759Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8000 |
vulnerable | 2026-06-03 14:35:10.829125 |
Details available
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.
Published: 2015-12-16T15:00:00.000Z
Updated: 2024-08-06T08:06:31.443Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-4620 |
vulnerable | 2026-06-03 14:34:52.341347 |
Details available
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
Published: 2015-07-08T14:00:00.000Z
Updated: 2024-08-06T06:18:12.213Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-1349 |
vulnerable | 2026-06-03 14:34:39.255761 |
Details available
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.
Published: 2015-02-19T02:00:00.000Z
Updated: 2024-08-06T04:40:18.567Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-8680 |
vulnerable | 2026-06-03 14:34:24.982871 |
Details available
The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.
Published: 2014-12-11T02:00:00.000Z
Updated: 2024-08-06T13:26:02.333Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-8500 |
vulnerable | 2026-06-03 14:34:24.170663 |
Details available
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
Published: 2014-12-11T02:00:00.000Z
Updated: 2024-08-06T13:18:48.302Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-0382 |
vulnerable | 2026-06-03 14:30:08.533221 |
Details available
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.
Published: 2010-01-22T21:20:00.000Z
Updated: 2024-08-07T00:45:12.225Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-0290 |
vulnerable | 2026-06-03 14:30:08.086332 |
Details available
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.
Published: 2010-01-22T21:20:00.000Z
Updated: 2024-08-07T00:45:11.627Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.