Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nlnetlabs vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-19860
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
Nlnetlabs Ldns 1.7.1
445
VMScore
CVE-2020-19861
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.
Nlnetlabs Ldns 1.7.1
668
VMScore
CVE-2017-1000232
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
Nlnetlabs Ldns 1.7.0
445
VMScore
CVE-2020-10772
An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification...
Nlnetlabs Unbound 1.6.6-5
668
VMScore
CVE-2019-13207
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
Nlnetlabs Name Server Daemon 4.2.0
445
VMScore
CVE-2019-16866
Unbound prior to 1.9.4 accesses uninitialized memory, which allows remote malicious users to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
Nlnetlabs Unbound
Canonical Ubuntu Linux 19.04
445
VMScore
CVE-2021-43173
In NLnet Labs Routinator before 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out ...
Nlnetlabs Routinator
Debian Debian Linux 11.0
445
VMScore
CVE-2021-43174
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitra...
Nlnetlabs Routinator
Debian Debian Linux 11.0
668
VMScore
CVE-2019-25033
Unbound prior to 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Nlnetlabs Unbound
Debian Debian Linux 9.0
383
VMScore
CVE-2019-25031
Unbound prior to 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a co...
Nlnetlabs Unbound
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »