Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thekelleys dnsmasq vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-45954
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
Thekelleys Dnsmasq 2.86
7.5
CVSSv2
CVE-2017-14491
Heap-based buffer overflow in dnsmasq prior to 2.78 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
Thekelleys Dnsmasq
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 7.1
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 42.2
Suse Linux Enterprise Server 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Point Of Sale 11
Nvidia Linux For Tegra
1 EDB exploit
9 Github repositories
7.5
CVSSv2
CVE-2017-14492
Heap-based buffer overflow in dnsmasq prior to 2.78 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 7.1
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Thekelleys Dnsmasq
1 EDB exploit
7.5
CVSSv2
CVE-2017-14493
Stack-based buffer overflow in dnsmasq prior to 2.78 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 7.1
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 42.2
Thekelleys Dnsmasq
1 EDB exploit
4 Github repositories
7.1
CVSSv2
CVE-2020-25687
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated ...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
7.1
CVSSv2
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocat...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
6.8
CVSSv2
CVE-2009-2957
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, might allow remote malicious users to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
Thekelleys Dnsmasq 2.48
Thekelleys Dnsmasq 2.47
Thekelleys Dnsmasq 2.35
Thekelleys Dnsmasq 2.22
Thekelleys Dnsmasq 2.34
Thekelleys Dnsmasq 2.33
Thekelleys Dnsmasq 2.31
Thekelleys Dnsmasq 2.23
Thekelleys Dnsmasq 2.21
Thekelleys Dnsmasq 2.14
Thekelleys Dnsmasq 2.13
Thekelleys Dnsmasq 2.5
Thekelleys Dnsmasq 2.4
Thekelleys Dnsmasq 1.16
Thekelleys Dnsmasq 1.15
Thekelleys Dnsmasq 1.8
Thekelleys Dnsmasq 1.7
Thekelleys Dnsmasq 0.992
Thekelleys Dnsmasq 0.98
Thekelleys Dnsmasq
Thekelleys Dnsmasq 2.44
Thekelleys Dnsmasq 2.43
1 EDB exploit
6.4
CVSSv2
CVE-2015-3294
The tcp_request function in Dnsmasq prior to 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote malicious users to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
Thekelleys Dnsmasq
Oracle Solaris 11.2
5
CVSSv2
CVE-2019-14513
Improper bounds checking in Dnsmasq prior to 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
Thekelleys Dnsmasq
Debian Debian Linux 8.0
1 Github repository
5
CVSSv2
CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Thekelleys Dnsmasq
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »