Vulnerabilities > Maradns > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-31137 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products MaraDNS is open-source software that implements the Domain Name System (DNS). | 7.5 |
| 2022-11-19 | CVE-2022-30256 | Operation on a Resource after Expiration or Release vulnerability in Maradns An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. | 7.5 |
| 2012-01-08 | CVE-2012-0024 | Resource Exhaustion vulnerability in Maradns MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion Desired (RD) bit set. | 7.8 |
| 2011-01-28 | CVE-2011-0520 | Buffer Errors vulnerability in Maradns 1.4.03/1.4.05 The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow. | 7.5 |
| 2007-06-07 | CVE-2007-3115 | Resource Management Errors vulnerability in Maradns Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, and 1.3.x before 1.3.05, allow remote attackers to cause a denial of service (memory consumption) via (1) reverse lookups or (2) requests for records in a class other than Internet (IN), a different set of affected versions than CVE-2007-3114 and CVE-2007-3116. | 7.8 |