Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nlnetlabs vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-1000232
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
Nlnetlabs Ldns 1.7.0
6.5
CVSSv3
CVE-2020-19860
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
Nlnetlabs Ldns 1.7.1
7.5
CVSSv3
CVE-2020-19861
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.
Nlnetlabs Ldns 1.7.1
7.5
CVSSv3
CVE-2020-10772
An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification...
Nlnetlabs Unbound 1.6.6-5
9.8
CVSSv3
CVE-2019-13207
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
Nlnetlabs Name Server Daemon 4.2.0
7.5
CVSSv3
CVE-2021-43173
In NLnet Labs Routinator before 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out ...
Nlnetlabs Routinator
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2021-43174
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitra...
Nlnetlabs Routinator
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2019-25037
Unbound prior to 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2019-25038
Unbound prior to 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2019-25039
Unbound prior to 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »