Search CVE reports
11 – 20 of 50028 results
NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for...
1 affected package
unbound
| Package | 16.04 LTS |
|---|---|
| unbound | Needs evaluation |
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant...
1 affected package
unbound
| Package | 16.04 LTS |
|---|---|
| unbound | Needs evaluation |
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations...
1 affected package
unbound
| Package | 16.04 LTS |
|---|---|
| unbound | Needs evaluation |
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could renew the age of slow running...
1 affected package
unbound
| Package | 16.04 LTS |
|---|---|
| unbound | Needs evaluation |
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold...
1 affected package
unbound
| Package | 16.04 LTS |
|---|---|
| unbound | Needs evaluation |
[Unknown description]
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 16.04 LTS |
|---|---|
| libpng | Needs evaluation |
| libpng1.6 | — |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other...
1 affected package
unbound
| Package | 16.04 LTS |
|---|---|
| unbound | Needs evaluation |
Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 16.04 LTS |
|---|---|
| bind9 | Not affected |
| isc-dhcp | Not affected |
| bind9-libs | — |
Amplification vulnerabilities via self-pointed glue records
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 16.04 LTS |
|---|---|
| bind9 | Needs evaluation |
| isc-dhcp | Not affected |
| bind9-libs | — |
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and...
1 affected package
unbound
| Package | 16.04 LTS |
|---|---|
| unbound | Needs evaluation |