High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2023-10-22	CVE-2023-46317	Unspecified vulnerability in NIC Knot Resolver Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers. network low complexity nic	7.5
2023-02-21	CVE-2023-26249	Allocation of Resources Without Limits or Throttling vulnerability in NIC Knot Resolver Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. network low complexity nic CWE-770	7.5
2022-09-23	CVE-2022-40188	Algorithmic Complexity vulnerability in multiple products Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. network low complexity nic fedoraproject debian CWE-407	7.5
2021-08-25	CVE-2021-40083	Reachable Assertion vulnerability in NIC Knot Resolver Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof). network low complexity nic CWE-617	7.5
2021-03-30	CVE-2018-1110	Improper Input Validation vulnerability in NIC Knot Resolver A flaw was found in knot-resolver before version 2.3.0. network low complexity nic CWE-20	7.5
2020-05-19	CVE-2020-12667	Resource Exhaustion vulnerability in NIC Knot Resolver Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. network low complexity nic CWE-400	7.5
2019-12-16	CVE-2019-19331	Improper Resource Shutdown or Release vulnerability in multiple products knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. network low complexity nic debian CWE-404	7.5
2019-09-09	CVE-2019-16159	Out-of-bounds Write vulnerability in multiple products BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. network low complexity nic opensuse fedoraproject debian CWE-787	7.5
2019-07-16	CVE-2019-10191	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol. network low complexity nic fedoraproject CWE-20	7.5