Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thekelleys dnsmasq vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-2957
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, might allow remote malicious users to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
Thekelleys Dnsmasq
Thekelleys Dnsmasq 0.4
Thekelleys Dnsmasq 0.5
Thekelleys Dnsmasq 0.6
Thekelleys Dnsmasq 0.7
Thekelleys Dnsmasq 0.95
Thekelleys Dnsmasq 0.96
Thekelleys Dnsmasq 0.98
Thekelleys Dnsmasq 0.992
Thekelleys Dnsmasq 0.996
Thekelleys Dnsmasq 1.0
Thekelleys Dnsmasq 1.2
1 EDB exploit
4.3
CVSSv2
CVE-2009-2958
The tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
Thekelleys Dnsmasq
Thekelleys Dnsmasq 0.4
Thekelleys Dnsmasq 0.5
Thekelleys Dnsmasq 0.6
Thekelleys Dnsmasq 0.7
Thekelleys Dnsmasq 0.95
Thekelleys Dnsmasq 0.96
Thekelleys Dnsmasq 0.98
Thekelleys Dnsmasq 0.992
Thekelleys Dnsmasq 0.996
Thekelleys Dnsmasq 1.0
Thekelleys Dnsmasq 1.2
1 EDB exploit
7.5
CVSSv3
CVE-2023-28450
An issue exists in Dnsmasq prior to 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
Thekelleys Dnsmasq
7.5
CVSSv3
CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Thekelleys Dnsmasq
7.5
CVSSv3
CVE-2005-0877
Dnsmasq prior to 2.21 allows remote malicious users to poison the DNS cache via answers to queries that were not made by Dnsmasq.
Thekelleys Dnsmasq
5
CVSSv2
CVE-2013-0198
Dnsmasq prior to 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote malicious users to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists be...
Thekelleys Dnsmasq
7.5
CVSSv3
CVE-2023-49441
dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.
Thekelleys Dnsmasq 2.9
7.8
CVSSv2
CVE-2008-3214
dnsmasq 2.25 allows remote malicious users to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
Thekelleys Dnsmasq 2.25
9.8
CVSSv3
CVE-2021-45957
Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
Thekelleys Dnsmasq 2.86
9.8
CVSSv3
CVE-2021-45951
Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our ...
Thekelleys Dnsmasq 2.86
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
local file inclusion
dcmtk
CVE-2025-24813
CVE-2023-52315
directory listings wordpress plugin – ulisting
CVE-2025-2348
IDOR
CVE-2024-12336
vam
CVE-2025-24856
wireless
wordpress form builder plugin for contact forms, surveys and quizzes – tripetto
CVE-2024-55591
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »
Vulmon