Vulnerabilities > Nlnetlabs

DATE CVE VULNERABILITY TITLE RISK
2020-12-07 CVE-2020-28935 Link Following vulnerability in Nlnetlabs Name Server Daemon
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack.
local
low complexity
nlnetlabs CWE-59
2.1
2020-11-27 CVE-2020-10772 Resource Exhaustion vulnerability in Nlnetlabs Unbound 1.6.65
An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414.
network
low complexity
nlnetlabs CWE-400
5.0
2020-08-05 CVE-2020-17366 Improper Certificate Validation vulnerability in Nlnetlabs Routinator
An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1.
network
nlnetlabs CWE-295
5.8
2020-05-19 CVE-2020-12663 Infinite Loop vulnerability in multiple products
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
5.0
2020-05-19 CVE-2020-12662 Uncontrolled Recursion vulnerability in multiple products
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue.
5.0
2019-11-19 CVE-2019-18934 Improper Input Validation vulnerability in Nlnetlabs Unbound
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer.
network
nlnetlabs CWE-20
6.8
2019-11-05 CVE-2013-5661 Authentication Bypass BY Spoofing vulnerability in multiple products
Cache Poisoning issue exists in DNS Response Rate Limiting.
network
high complexity
isc nlnetlabs nic redhat CWE-290
2.6
2019-10-03 CVE-2019-16866 USE of Uninitialized Resource vulnerability in multiple products
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query.
network
low complexity
nlnetlabs canonical CWE-908
5.0
2019-07-03 CVE-2019-13207 Out-Of-Bounds Write vulnerability in Nlnetlabs Name Server Daemon 4.2.0
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
network
low complexity
nlnetlabs CWE-787
7.5
2018-01-23 CVE-2017-15105 Improper Input Validation vulnerability in multiple products
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records.
network
low complexity
nlnetlabs debian canonical CWE-20
5.0