- What is the isc CNA?
- isc is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 101 CVE records since 2019.
- How many CVEs has isc published?
- isc has published 101 CVE records, including 25 in the last two years.
- What is isc's CVE data quality grade?
- RadicalNotion.AI grades isc's CVE data quality as B, with an overall completeness score of 82.4%. This reflects how consistently its CVE records include vendor (99%), product (99%), CVSS (98%), and CWE (33.7%) information.
- What products does isc publish CVEs for?
- isc most frequently publishes CVEs for BIND, BIND9, BIND 9, debian linux, fedora.
- Which vendors does isc cover?
- isc publishes CVEs across 5 distinct vendors, most often ISC, isc-projects, netapp, Debian, fedoraproject.
- Is isc actively publishing CVEs?
- isc is currently active, based on 25 CVEs in the last two years.
- What is the average severity of isc's CVEs?
- The average CVSS base score across isc's scored CVEs is 6.9.
- How many critical CVEs has isc published?
- isc has published 2 critical-severity CVEs and 80 high-severity CVEs.
- Are any of isc's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of isc's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in isc's CVEs?
- isc's CVEs most often map to these CWE weakness types: CWE-617 (Reachable Assertion), CWE-770 (Allocation of Resources Without Limits or Throttling), CWE-401 (Missing Release of Memory after Effective Lifetime), CWE-20 (Improper Input Validation).
- How does isc rank among CNAs?
- By total CVE volume, isc ranks #123 of 370 CNAs, and it reports more complete CVE records than 30% of all CNAs.