Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nlnetlabs unbound vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-25037
Unbound prior to 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
445
VMScore
CVE-2019-25040
Unbound prior to 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
445
VMScore
CVE-2019-25041
Unbound prior to 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
445
VMScore
CVE-2020-10772
An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification...
Nlnetlabs Unbound 1.6.6-5
445
VMScore
CVE-2020-12662
Unbound prior to 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
Nlnetlabs Unbound
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
445
VMScore
CVE-2020-12663
Unbound prior to 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
Nlnetlabs Unbound
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
445
VMScore
CVE-2019-16866
Unbound prior to 1.9.4 accesses uninitialized memory, which allows remote malicious users to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
Nlnetlabs Unbound
Canonical Ubuntu Linux 19.04
445
VMScore
CVE-2017-15105
A flaw was found in the way unbound prior to 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
Nlnetlabs Unbound
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
1 Github repository
445
VMScore
CVE-2011-4528
Unbound prior to 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
Unbound Unbound 1.3.3
Unbound Unbound
Unbound Unbound 0.7
Unbound Unbound 0.0
Unbound Unbound 0.6
Unbound Unbound 0.4
Unbound Unbound 0.2
Unbound Unbound 1.3.1
Unbound Unbound 0.11
Unbound Unbound 1.3.4
Unbound Unbound 1.0.0
Unbound Unbound 1.4.7
Unbound Unbound 1.2.0
Unbound Unbound 1.3.2
Unbound Unbound 1.3.0
Unbound Unbound 1.4.4
Unbound Unbound 1.4.1
Unbound Unbound 0.1
Unbound Unbound 1.1.0
Unbound Unbound 1.4.6
Unbound Unbound 0.3
Unbound Unbound 1.4.10
445
VMScore
CVE-2009-4008
Unbound prior to 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote malicious users to cause a denial of service (DNSSEC outage) via a crafted query.
Nlnetlabs Unbound 1.3.4
Nlnetlabs Unbound 0.8
Nlnetlabs Unbound 1.2.1
Nlnetlabs Unbound 1.3.3
Nlnetlabs Unbound 1.0.1
Nlnetlabs Unbound 1.1.0
Nlnetlabs Unbound 0.0
Nlnetlabs Unbound 0.10
Nlnetlabs Unbound 1.3.0
Nlnetlabs Unbound 0.09
Nlnetlabs Unbound 1.4.2
Nlnetlabs Unbound 1.0.0
Nlnetlabs Unbound 0.7.2
Nlnetlabs Unbound 1.4.0
Nlnetlabs Unbound 1.1.1
Nlnetlabs Unbound 0.11
Nlnetlabs Unbound 1.4.1
Nlnetlabs Unbound 1.3.2
Nlnetlabs Unbound 1.3.1
Nlnetlabs Unbound 0.4
Nlnetlabs Unbound 0.7
Nlnetlabs Unbound 0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »