Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unbound unbound vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-12663
Unbound prior to 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
Nlnetlabs Unbound
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
605
VMScore
CVE-2019-18934
Unbound 1.6.4 up to and including 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled a...
Nlnetlabs Unbound
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
445
VMScore
CVE-2019-16866
Unbound prior to 1.9.4 accesses uninitialized memory, which allows remote malicious users to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
Nlnetlabs Unbound
Canonical Ubuntu Linux 19.04
435
VMScore
CVE-2018-11412
In the Linux kernel 4.13 up to and including 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode.
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
1 EDB exploit
605
VMScore
CVE-2018-1256
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. In PCF deployments with multiple SSO service plans, a remote attacker can authenticate to unbound resource servers which us...
Vmware Spring Cloud Sso Connector 2.1.2
445
VMScore
CVE-2017-15105
A flaw was found in the way unbound prior to 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
Nlnetlabs Unbound
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
1 Github repository
570
VMScore
CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) prior to 2.23 allows context-dependent malicious users to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Desktop 12
Opensuse Opensuse 13.2
Suse Suse Linux Enterprise Server 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
Fedoraproject Fedora 23
Gnu Glibc
383
VMScore
CVE-2014-8602
iterator.c in NLnet Labs Unbound prior to 1.5.1 does not limit delegation chaining, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
Nlnetlabs Unbound
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
570
VMScore
CVE-2012-1192
The resolver in Unbound prior to 1.4.11 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote malicious users to trigger continued resolvability of revoked domain names via a "ghost domain na...
Unbound Unbound 1.3.3
Unbound Unbound 0.7
Unbound Unbound 0.0
Unbound Unbound 0.6
Unbound Unbound 0.4
Unbound Unbound 0.2
Unbound Unbound 1.3.1
Unbound Unbound 0.11
Unbound Unbound 1.3.4
Unbound Unbound 1.0.0
Unbound Unbound 1.4.7
Unbound Unbound 1.2.0
Unbound Unbound 1.3.2
Unbound Unbound 1.3.0
Unbound Unbound 1.4.4
Unbound Unbound 1.4.1
Unbound Unbound 0.1
Unbound Unbound 1.1.0
Unbound Unbound 1.4.6
Unbound Unbound
Unbound Unbound 0.3
Unbound Unbound 0.7.2
445
VMScore
CVE-2011-4528
Unbound prior to 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
Unbound Unbound 1.3.3
Unbound Unbound
Unbound Unbound 0.7
Unbound Unbound 0.0
Unbound Unbound 0.6
Unbound Unbound 0.4
Unbound Unbound 0.2
Unbound Unbound 1.3.1
Unbound Unbound 0.11
Unbound Unbound 1.3.4
Unbound Unbound 1.0.0
Unbound Unbound 1.4.7
Unbound Unbound 1.2.0
Unbound Unbound 1.3.2
Unbound Unbound 1.3.0
Unbound Unbound 1.4.4
Unbound Unbound 1.4.1
Unbound Unbound 0.1
Unbound Unbound 1.1.0
Unbound Unbound 1.4.6
Unbound Unbound 0.3
Unbound Unbound 1.4.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280
CVE-2024-5346
CVE-2024-30078
CVE-2022-45803
CVE-2024-36886
SQL
CVE-2024-24553
IMAP
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »