Vulnerabilities > NIC > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-20 CVE-2022-32983 Authentication Bypass by Spoofing vulnerability in NIC Knot Resolver
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.
network
low complexity
nic CWE-290
5.0
2021-08-25 CVE-2021-40083 Reachable Assertion vulnerability in NIC Knot Resolver
Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).
network
low complexity
nic CWE-617
5.0
2021-06-04 CVE-2021-26928 Missing Authentication for Critical Function vulnerability in NIC Bird
BIRD through 2.0.7 does not provide functionality for password authentication of BGP peers.
network
high complexity
nic CWE-306
6.8
2021-03-30 CVE-2018-1110 Improper Input Validation vulnerability in NIC Knot Resolver
A flaw was found in knot-resolver before version 2.3.0.
network
low complexity
nic CWE-20
5.0
2018-08-02 CVE-2018-10920 Improper Input Validation vulnerability in NIC Knot Resolver
Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache.
network
nic CWE-20
4.3
2018-03-27 CVE-2014-0486 Improper Input Validation vulnerability in NIC Knot CMS
Knot DNS before 1.5.2 allows remote attackers to cause a denial of service (application crash) via a crafted DNS message.
network
low complexity
nic CWE-20
5.0
2018-01-22 CVE-2018-1000002 Improper Input Validation vulnerability in NIC Knot Resolver
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
network
nic CWE-20
4.3