What is the isc CNA?
isc is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 101 CVE records since 2019.
How many CVEs has isc published?
isc has published 101 CVE records, including 25 in the last two years.
What is isc's CVE data quality grade?
RadicalNotion.AI grades isc's CVE data quality as B, with an overall completeness score of 82.4%. This reflects how consistently its CVE records include vendor (99%), product (99%), CVSS (98%), and CWE (33.7%) information.
What products does isc publish CVEs for?
isc most frequently publishes CVEs for BIND, BIND9, BIND 9, debian linux, fedora.
Which vendors does isc cover?
isc publishes CVEs across 5 distinct vendors, most often ISC, isc-projects, netapp, Debian, fedoraproject.
Is isc actively publishing CVEs?
isc is currently active, based on 25 CVEs in the last two years.
What is the average severity of isc's CVEs?
The average CVSS base score across isc's scored CVEs is 6.9.
Are any of isc's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of isc's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in isc's CVEs?
isc's CVEs most often map to these CWE weakness types: CWE-617 (Reachable Assertion), CWE-770 (Allocation of Resources Without Limits or Throttling), CWE-401 (Missing Release of Memory after Effective Lifetime), CWE-349 (Acceptance of Extraneous Untrusted Data With Trusted Data).
How does isc rank among CNAs?
By total CVE volume, isc ranks #123 of 370 CNAs, and it reports more complete CVE records than 30% of all CNAs.
