Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-14513 | 5.0 |
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
|
03-03-2023 - 14:24 | 01-08-2019 - 21:15 | |
CVE-2012-3411 | 5.0 |
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.
|
13-02-2023 - 00:25 | 05-03-2013 - 21:38 | |
CVE-2019-14834 | 4.3 |
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
|
12-02-2023 - 23:34 | 07-01-2020 - 17:15 | |
CVE-2017-14491 | 7.5 |
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
|
22-04-2022 - 20:39 | 04-10-2017 - 01:29 | |
CVE-2020-25686 | 4.3 |
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers
|
14-02-2022 - 15:29 | 20-01-2021 - 17:15 | |
CVE-2020-25687 | 7.1 |
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to
|
26-03-2021 - 18:40 | 20-01-2021 - 17:15 | |
CVE-2017-14496 | 7.8 |
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
|
11-05-2018 - 01:29 | 03-10-2017 - 01:29 |