Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nlnetlabs vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
Nlnetlabs Ldns 1.7.0
4.3
CVSSv2
CVE-2020-19860
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
Nlnetlabs Ldns 1.7.1
5
CVSSv2
CVE-2020-19861
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.
Nlnetlabs Ldns 1.7.1
5
CVSSv2
CVE-2020-10772
An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification...
Nlnetlabs Unbound 1.6.6-5
7.5
CVSSv2
CVE-2019-13207
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
Nlnetlabs Name Server Daemon 4.2.0
4.3
CVSSv2
CVE-2019-25031
Unbound prior to 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a co...
Nlnetlabs Unbound
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2019-25033
Unbound prior to 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
5
CVSSv2
CVE-2019-16866
Unbound prior to 1.9.4 accesses uninitialized memory, which allows remote malicious users to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
Nlnetlabs Unbound
Canonical Ubuntu Linux 19.04
7.5
CVSSv2
CVE-2019-25032
Unbound prior to 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2019-25034
Unbound prior to 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally explo...
Nlnetlabs Unbound
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »