Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authoritative vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-12663
Unbound prior to 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
Nlnetlabs Unbound
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5
CVSSv2
CVE-2021-25219
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative s...
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.12
Isc Bind 9.11.8
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.21
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind 9.16.13
Isc Bind 9.11.29
Isc Bind 9.16.21
Isc Bind
Isc Bind 9.11.35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2010-0218
ISC BIND 9.7.2 up to and including 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote malicious users to obtain potentially sensitive information via a DNS query.
Isc Bind 9.7.2
7.1
CVSSv2
CVE-2011-0414
ISC BIND 9.7.1 up to and including 9.7.2-P3, when configured as an authoritative server, allows remote malicious users to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
Isc Bind 9.7.1
Isc Bind 9.7.2
7.8
CVSSv2
CVE-2014-8500
ISC BIND 9.0.x up to and including 9.8.x, 9.9.0 up to and including 9.9.6, and 9.10.0 up to and including 9.10.1 does not limit delegation chaining, which allows remote malicious users to cause a denial of service (memory consumption and named crash) via a large or infinite numbe...
Isc Bind 9.1
Isc Bind 9.1.1
Isc Bind 9.2.3
Isc Bind 9.2.4
Isc Bind 9.3.0
Isc Bind 9.3.1
Isc Bind 9.4.1
Isc Bind 9.4.2
Isc Bind 9.6.0
Isc Bind 9.6.1
Isc Bind 9.7.4
Isc Bind 9.7.5
Isc Bind 9.8.5
Isc Bind 9.8.6
Isc Bind 9.9.6
Isc Bind 9.10.0
Isc Bind 9.0
Isc Bind 9.0.1
Isc Bind 9.2.1
Isc Bind 9.2.2
Isc Bind 9.2.9
Isc Bind 9.3
2 Github repositories
7.8
CVSSv2
CVE-2017-14339
The DNS packet parser in YADIFA prior to 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive.
Yadifa Yadifa
5
CVSSv2
CVE-2011-2464
Unspecified vulnerability in ISC BIND 9 9.6.x prior to 9.6-ESV-R4-P3, 9.7.x prior to 9.7.3-P3, and 9.8.x prior to 9.8.0-P4 allows remote malicious users to cause a denial of service (named daemon crash) via a crafted UPDATE request.
Isc Bind 9.6.3
Isc Bind 9.6.1
Isc Bind 9.6.2
Isc Bind 9.6.0
Isc Bind 9.6
Isc Bind 9.7.0
Isc Bind 9.7.2
Isc Bind 9.7.3
Isc Bind 9.7.1
Isc Bind 9.7.2b1
Isc Bind 9.8.0
Isc Bind 9.8.1
5
CVSSv2
CVE-2020-12662
Unbound prior to 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
Nlnetlabs Unbound
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5
CVSSv2
CVE-2017-15120
An issue has been found in the parsing of authoritative answers in PowerDNS Recursor prior to 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a den...
Powerdns Recursor
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
5
CVSSv2
CVE-2008-0061
MaraDNS 1.0 prior to 1.0.41, 1.2 prior to 1.2.12.08, and 1.3 prior to 1.3.07.04 allows remote malicious users to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) record from resolving, aka "improper rotation of resource records.&...
Maradns Maradns 1.0.00
Maradns Maradns 1.0.07
Maradns Maradns 1.0.08
Maradns Maradns 1.0.09
Maradns Maradns 1.0.16
Maradns Maradns 1.0.17
Maradns Maradns 1.0.24
Maradns Maradns 1.0.25
Maradns Maradns 1.0.33
Maradns Maradns 1.0.34
Maradns Maradns 1.2.12.02
Maradns Maradns 1.2.12.03
Maradns Maradns 1.3.03
Maradns Maradns 1.3.04
Maradns Maradns 1.0.01
Maradns Maradns 1.0.02
Maradns Maradns 1.0.10
Maradns Maradns 1.0.11
Maradns Maradns 1.0.18
Maradns Maradns 1.0.19
Maradns Maradns 1.0.26
Maradns Maradns 1.0.27
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »