Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/05/20 11:38 a.m.14 views

CVE-2026-42944

A flaw was found in Unbound, a Domain Name System DNS resolver. A remote attacker could trigger a heap overflow by sending specially crafted DNS reply packets. This occurs when Unbound attempts to encode multiple Name Server Identifier NSID or Extension Mechanisms for DNS EDNS Cookie options, or...

8.7CVSS5.7AI score0.00842EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/19 1:52 p.m.12 views

unbound: Unbound domain hijacking via promiscuous records

A domain hijacking flaw has been discovered in NLNet Lab's Unbound project. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver'...

7.1CVSS7.3AI score0.00311EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

RHEL 8 : unbound (RHSA-2025:13577)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13577 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbound Cache poisoning...

8.7CVSS6.7AI score0.00188EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/09/03 12:0 a.m.3 views

The vulnerability of the cfg_mark_ports() function in the Unbound DNS server allows a attacker to cause service failure or unauthorized actions within the system.

The vulnerability of the cfgmarkports function in the Unbound DNS server is related to buffer overflow errors. Exploiting this vulnerability allows a remote attacker to cause service failures or unauthorized actions within the system...

4.8CVSS6.8AI score0.00311EPSS
Exploits0References11Affected Software8
BDU FSTEC
BDU FSTEC
added 2021/12/20 12:0 a.m.4 views

The vulnerability of the dname_pkt_copy function in the DNS server Unbound, allowing a hacker to cause a service failure

The vulnerability of the dnamepktcopy function in the Unbound DNS server involves executing a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.3AI score0.01989EPSS
Exploits0References9Affected Software4
CNNVD
CNNVD
added 2021/04/27 12:0 a.m.2 views

Unbound 安全漏洞

Unbound is a DNS resolver that supports validation, recursion, and caching features. An infinite loop vulnerability exists in dnamepktcopy in Unbound versions prior to 1.9.5. An attacker can exploit this vulnerability by compressing names to cause an infinite loop...

7.5CVSS5.6AI score0.01989EPSS
Exploits0References17
Rows per page
Query Builder