Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unbound unbound 1.2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39325
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the malici...
Golang Http2
Golang Go
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netapp Astra Trident -
Netapp Astra Trident Autosupport -
2 Github repositories
6.4
CVSSv2
CVE-2012-1192
The resolver in Unbound prior to 1.4.11 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote malicious users to trigger continued resolvability of revoked domain names via a "ghost domain na...
Unbound Unbound
Unbound Unbound 1.4.9
Unbound Unbound 1.4.8
Unbound Unbound 1.4.7
Unbound Unbound 1.2.0
Unbound Unbound 1.1.1
Unbound Unbound 1.1.0
Unbound Unbound 1.0.2
Unbound Unbound 0.3
Unbound Unbound 0.2
Unbound Unbound 0.1
Unbound Unbound 0.0
Unbound Unbound 1.4.5
Unbound Unbound 1.4.3
Unbound Unbound 1.3.1
Unbound Unbound 1.2.1
Unbound Unbound 1.0.1
Unbound Unbound 0.11
Unbound Unbound 0.6
Unbound Unbound 0.4
Unbound Unbound 1.4.2
Unbound Unbound 1.4.1
7.8
CVSSv2
CVE-2011-4869
validator/val_nsec3.c in Unbound prior to 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability ...
Unbound Unbound 1.4.11
Unbound Unbound 1.4.3
Unbound Unbound 1.4.2
Unbound Unbound 1.3.1
Unbound Unbound 1.3.0
Unbound Unbound 1.0.0
Unbound Unbound 0.11
Unbound Unbound 0.10
Unbound Unbound 0.5
Unbound Unbound 0.4
Unbound Unbound 1.4.10
Unbound Unbound 1.4.9
Unbound Unbound 1.4.8
Unbound Unbound 1.4.1
Unbound Unbound 1.4.0
Unbound Unbound 1.2.1
Unbound Unbound 1.2.0
Unbound Unbound 0.09
Unbound Unbound 0.8
Unbound Unbound 0.3
Unbound Unbound 0.2
Unbound Unbound 1.4.7
5
CVSSv2
CVE-2011-4528
Unbound prior to 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
Unbound Unbound 1.4.6
Unbound Unbound 1.4.5
Unbound Unbound 1.3.3
Unbound Unbound 1.3.2
Unbound Unbound 1.0.2
Unbound Unbound 1.0.1
Unbound Unbound 1.0.0
Unbound Unbound 0.7
Unbound Unbound 0.6
Unbound Unbound 1.4.12
Unbound Unbound
Unbound Unbound 1.4.10
Unbound Unbound 1.4.9
Unbound Unbound 1.4.2
Unbound Unbound 1.4.1
Unbound Unbound 1.2.1
Unbound Unbound 1.2.0
Unbound Unbound 0.09
Unbound Unbound 0.8
Unbound Unbound 0.3
Unbound Unbound 0.2
Unbound Unbound 1.4.8
5
CVSSv2
CVE-2009-4008
Unbound prior to 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote malicious users to cause a denial of service (DNSSEC outage) via a crafted query.
Nlnetlabs Unbound 1.0.1
Nlnetlabs Unbound 1.0.2
Nlnetlabs Unbound 0.8
Nlnetlabs Unbound 0.7.2
Nlnetlabs Unbound 1.4.1
Nlnetlabs Unbound 1.4.0
Nlnetlabs Unbound 1.3.4
Nlnetlabs Unbound 1.4.2
Nlnetlabs Unbound 1.2.0
Nlnetlabs Unbound 1.0.0
Nlnetlabs Unbound 0.7.1
Nlnetlabs Unbound 1.1.1
Nlnetlabs Unbound 0.6
Nlnetlabs Unbound 0.4
Nlnetlabs Unbound 1.3.0
Nlnetlabs Unbound 1.3.1
Nlnetlabs Unbound 1.3.2
Nlnetlabs Unbound 1.3.3
Nlnetlabs Unbound 0.10
Nlnetlabs Unbound 0.09
Nlnetlabs Unbound 0.2
Nlnetlabs Unbound 0.1
4.3
CVSSv2
CVE-2011-1922
daemon/worker.c in Unbound 1.x prior to 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handl...
Nlnetlabs Unbound 1.0.0
Nlnetlabs Unbound 1.3.1
Nlnetlabs Unbound 1.3.2
Nlnetlabs Unbound 1.4.4
Nlnetlabs Unbound 1.4.5
Nlnetlabs Unbound 1.1.0
Nlnetlabs Unbound 1.2.0
Nlnetlabs Unbound 1.4.0
Nlnetlabs Unbound 1.4.1
Nlnetlabs Unbound 1.4.8
Nlnetlabs Unbound 1.4.9
Nlnetlabs Unbound 1.2.1
Nlnetlabs Unbound 1.3.0
Nlnetlabs Unbound 1.4.2
Nlnetlabs Unbound 1.4.3
Nlnetlabs Unbound 1.1.1
Nlnetlabs Unbound 1.0.1
Nlnetlabs Unbound 1.0.2
Nlnetlabs Unbound 1.3.3
Nlnetlabs Unbound 1.3.4
Nlnetlabs Unbound 1.4.6
Nlnetlabs Unbound 1.4.7
5
CVSSv2
CVE-2010-0969
Unbound prior to 1.4.3 does not properly align structures on 64-bit platforms, which allows remote malicious users to cause a denial of service (daemon crash) via unspecified vectors.
Nlnetlabs Unbound 1.3.1
Nlnetlabs Unbound 1.3.2
Nlnetlabs Unbound 1.3.3
Nlnetlabs Unbound 1.1.0
Nlnetlabs Unbound 0.2
Nlnetlabs Unbound 0.1
Nlnetlabs Unbound 0.0
Nlnetlabs Unbound 0.6
Nlnetlabs Unbound 1.0.2
Nlnetlabs Unbound 0.8
Nlnetlabs Unbound 0.7.2
Nlnetlabs Unbound 0.7.1
Nlnetlabs Unbound 1.4.0
Nlnetlabs Unbound 1.3.4
Nlnetlabs Unbound
Nlnetlabs Unbound 1.3.0
Nlnetlabs Unbound 1.2.0
Nlnetlabs Unbound 1.0.0
Nlnetlabs Unbound 1.1.1
Nlnetlabs Unbound 0.10
Nlnetlabs Unbound 0.4
Nlnetlabs Unbound 1.4.1
7.5
CVSSv2
CVE-2009-3602
Unbound prior to 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote malicious users to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.
Nlnetlabs Unbound 1.3.2
Nlnetlabs Unbound 1.3.1
Nlnetlabs Unbound 1.0.1
Nlnetlabs Unbound 1.0.0
Nlnetlabs Unbound 0.7
Nlnetlabs Unbound 0.6
Nlnetlabs Unbound 1.2.0
Nlnetlabs Unbound 1.1.1
Nlnetlabs Unbound 0.09
Nlnetlabs Unbound 0.8
Nlnetlabs Unbound 0.3
Nlnetlabs Unbound 0.2
Nlnetlabs Unbound 0.1
Nlnetlabs Unbound
Nlnetlabs Unbound 1.1.0
Nlnetlabs Unbound 1.0.2
Nlnetlabs Unbound 0.7.2
Nlnetlabs Unbound 0.7.1
Nlnetlabs Unbound 0.0
Nlnetlabs Unbound 1.3.0
Nlnetlabs Unbound 1.2.1
Nlnetlabs Unbound 0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started