Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thekelleys dnsmasq vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-25681
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buff...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
8.1
CVSSv3
CVE-2020-25682
A flaw was found in dnsmasq prior to 2.83. A buffer overflow vulnerability exists in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
7.5
CVSSv3
CVE-2023-50387
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote malicious users to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows Server 2022 23h2 -
Fedoraproject Fedora 39
Thekelleys Dnsmasq
Nic Knot Resolver
Powerdns Recursor
Isc Bind
Nlnetlabs Unbound
2 Github repositories
2 Articles
7.5
CVSSv3
CVE-2023-28450
An issue exists in Dnsmasq prior to 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
Thekelleys Dnsmasq
7.5
CVSSv3
CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
Thekelleys Dnsmasq
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
7.5
CVSSv3
CVE-2019-14513
Improper bounds checking in Dnsmasq prior to 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
Thekelleys Dnsmasq
Debian Debian Linux 8.0
1 Github repository
7.5
CVSSv3
CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Thekelleys Dnsmasq
7.5
CVSSv3
CVE-2017-14495
Memory leak in dnsmasq prior to 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote malicious users to cause a denial of service (memory consumption) via vectors involving DNS response creation.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 7.1
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Thekelleys Dnsmasq
1 EDB exploit
7.5
CVSSv3
CVE-2017-14496
Integer underflow in the add_pseudoheader function in dnsmasq prior to 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote malicious users to cause a denial of service via a crafted DNS request.
Redhat Enterprise Linux Desktop 7.0
Google Android 7.1.2
Redhat Enterprise Linux Workstation 7.0
Google Android 5.0.2
Redhat Enterprise Linux Server 7.0
Google Android 6.0.1
Google Android 6.0
Debian Debian Linux 7.1
Novell Leap 42.2
Google Android 4.4.4
Debian Debian Linux 7.0
Google Android 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Google Android 8.0
Google Android 5.1.1
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Google Android 7.1.1
Novell Leap 42.3
Thekelleys Dnsmasq
1 EDB exploit
3 Github repositories
1 Article
7.5
CVSSv3
CVE-2017-13704
In dnsmasq prior to 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq c...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 7.1
Novell Leap 42.2
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Fedoraproject Fedora 27
Novell Leap 42.3
Thekelleys Dnsmasq
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »