Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thekelleys dnsmasq vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-8899
Dnsmasq prior to 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Thekelleys Dnsmasq
7.5
CVSSv3
CVE-2005-0877
Dnsmasq prior to 2.21 allows remote malicious users to poison the DNS cache via answers to queries that were not made by Dnsmasq.
Thekelleys Dnsmasq
5.9
CVSSv3
CVE-2020-25687
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated ...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
5.9
CVSSv3
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocat...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
5.9
CVSSv3
CVE-2017-14494
dnsmasq prior to 2.78, when configured as a relay, allows remote malicious users to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 7.1
Novell Leap 42.2
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Novell Leap 42.3
Thekelleys Dnsmasq
1 EDB exploit
4
CVSSv3
CVE-2021-3448
A flaw was found in dnsmasq in versions prior to 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the r...
Thekelleys Dnsmasq
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.9.0
3.7
CVSSv3
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 ...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
3.7
CVSSv3
CVE-2020-25684
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the ex...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
3.7
CVSSv3
CVE-2020-25685
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is c...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
3.7
CVSSv3
CVE-2019-14834
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote malicious users to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
Thekelleys Dnsmasq
Fedoraproject Fedora 31
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »