Filter
Versions
libunboundUnbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE: The vendor dispute…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
libunboundUnbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The ve…
9.8
First published (updated )
libunboundvalidator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC…
7.8
First published (updated )
Microsoft Windows Server 2012 x64Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities
7.5
Trending
Year
First published (updated )
Fedoraproject FedoraDenial of service when trimming EDE text on positive replies
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
debian/unboundUnbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash…
7.5
First published (updated )
ubuntu/unboundUnbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue.…
7.5
First published (updated )
ubuntu/unboundUnbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
7.5
First published (updated )
libunboundUnbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote atta…
7.5
First published (updated )
redhat/unboundAn incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
libunboundUnbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an inva…
7.5
First published (updated )
libunboundUnbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The …
7.5
First published (updated )
libunboundUnbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The ven…
7.5
First published (updated )
libunboundUnbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. NOTE: The vend…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraNovel "ghost domain names" attack by updating almost expired delegation information
6.5
First published (updated )
Fedoraproject FedoraNovel "ghost domain names" attack by introducing subdomain delegations
6.5
First published (updated )
libunboundThe resolver in Unbound before 1.4.11 overwrites cached server names and TTL values in NS records du…
6.4
First published (updated )
libunboundUnbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successfu…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
nlnetlabs name server daemonLocal symlink attack in Unbound and NSD
5.5
First published (updated )
debian/unboundUnbounded name compression could lead to Denial of Service
5.3
EPSS
0.04%
First published (updated )
libunboundUnbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query…
First published (updated )
libunboundUnbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote att…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.