Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authoritative server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0414
ISC BIND 9.7.1 up to and including 9.7.2-P3, when configured as an authoritative server, allows remote malicious users to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
Isc Bind 9.7.1
Isc Bind 9.7.2
7.5
CVSSv3
CVE-2017-14339
The DNS packet parser in YADIFA prior to 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive.
Yadifa Yadifa
NA
CVE-2014-8500
ISC BIND 9.0.x up to and including 9.8.x, 9.9.0 up to and including 9.9.6, and 9.10.0 up to and including 9.10.1 does not limit delegation chaining, which allows remote malicious users to cause a denial of service (memory consumption and named crash) via a large or infinite numbe...
Isc Bind 9.1
Isc Bind 9.1.1
Isc Bind 9.2.3
Isc Bind 9.2.4
Isc Bind 9.3.0
Isc Bind 9.3.1
Isc Bind 9.4.1
Isc Bind 9.4.2
Isc Bind 9.6.0
Isc Bind 9.6.1
Isc Bind 9.7.4
Isc Bind 9.7.5
Isc Bind 9.8.5
Isc Bind 9.8.6
Isc Bind 9.9.6
Isc Bind 9.10.0
Isc Bind 9.0
Isc Bind 9.0.1
Isc Bind 9.2.1
Isc Bind 9.2.2
Isc Bind 9.2.9
Isc Bind 9.3
2 Github repositories
NA
CVE-2010-0218
ISC BIND 9.7.2 up to and including 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote malicious users to obtain potentially sensitive information via a DNS query.
Isc Bind 9.7.2
NA
CVE-2011-2464
Unspecified vulnerability in ISC BIND 9 9.6.x prior to 9.6-ESV-R4-P3, 9.7.x prior to 9.7.3-P3, and 9.8.x prior to 9.8.0-P4 allows remote malicious users to cause a denial of service (named daemon crash) via a crafted UPDATE request.
Isc Bind 9.6.3
Isc Bind 9.6.1
Isc Bind 9.6.2
Isc Bind 9.6.0
Isc Bind 9.6
Isc Bind 9.7.0
Isc Bind 9.7.2
Isc Bind 9.7.3
Isc Bind 9.7.1
Isc Bind 9.7.2b1
Isc Bind 9.8.0
Isc Bind 9.8.1
5.9
CVSSv3
CVE-2017-3140
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
Isc Bind 9.9.10
Isc Bind 9.10.5
Isc Bind
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Data Ontap Edge -
7.5
CVSSv3
CVE-2020-12662
Unbound prior to 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
Nlnetlabs Unbound
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2017-15120
An issue has been found in the parsing of authoritative answers in PowerDNS Recursor prior to 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a den...
Powerdns Recursor
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
NA
CVE-2008-0061
MaraDNS 1.0 prior to 1.0.41, 1.2 prior to 1.2.12.08, and 1.3 prior to 1.3.07.04 allows remote malicious users to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) record from resolving, aka "improper rotation of resource records.&...
Maradns Maradns 1.0.00
Maradns Maradns 1.0.07
Maradns Maradns 1.0.08
Maradns Maradns 1.0.09
Maradns Maradns 1.0.16
Maradns Maradns 1.0.17
Maradns Maradns 1.0.24
Maradns Maradns 1.0.25
Maradns Maradns 1.0.33
Maradns Maradns 1.0.34
Maradns Maradns 1.2.12.02
Maradns Maradns 1.2.12.03
Maradns Maradns 1.3.03
Maradns Maradns 1.3.04
Maradns Maradns 1.0.01
Maradns Maradns 1.0.02
Maradns Maradns 1.0.10
Maradns Maradns 1.0.11
Maradns Maradns 1.0.18
Maradns Maradns 1.0.19
Maradns Maradns 1.0.26
Maradns Maradns 1.0.27
NA
CVE-2012-2978
query.c in NSD 3.0.x up to and including 3.0.8, 3.1.x up to and including 3.1.1, and 3.2.x prior to 3.2.12 allows remote malicious users to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.
Nlnetlabs Nsd 3.0.2
Nlnetlabs Nsd 3.0.1
Nlnetlabs Nsd 3.0.0
Nlnetlabs Nsd 3.0.8
Nlnetlabs Nsd 3.0.7
Nlnetlabs Nsd 3.0.4
Nlnetlabs Nsd 3.0.3
Nlnetlabs Nsd 3.0.6
Nlnetlabs Nsd 3.0.5
Nlnetlabs Nsd 3.1.1
Nlnetlabs Nsd 3.1.0
Nlnetlabs Nsd 3.2.5
Nlnetlabs Nsd 3.2.6
Nlnetlabs Nsd 3.2.3
Nlnetlabs Nsd 3.2.4
Nlnetlabs Nsd 3.2.7
Nlnetlabs Nsd 3.2.8
Nlnetlabs Nsd 3.2.9
Nlnetlabs Nsd 3.2.1
Nlnetlabs Nsd 3.2.0
Nlnetlabs Nsd 3.2.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »