High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2022-09-26	CVE-2022-3204	Resource Exhaustion vulnerability in multiple products A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. network low complexity nlnetlabs fedoraproject CWE-400	7.5
2021-04-27	CVE-2019-25041	Reachable Assertion vulnerability in multiple products Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. network low complexity nlnetlabs debian CWE-617	7.5
2021-04-27	CVE-2019-25040	Infinite Loop vulnerability in multiple products Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. network low complexity nlnetlabs debian CWE-835	7.5
2021-04-27	CVE-2019-25037	Reachable Assertion vulnerability in multiple products Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. network low complexity nlnetlabs debian CWE-617	7.5
2021-04-27	CVE-2019-25036	Reachable Assertion vulnerability in multiple products Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. network low complexity nlnetlabs debian CWE-617	7.5
2020-11-27	CVE-2020-10772	Resource Exhaustion vulnerability in Nlnetlabs Unbound 1.6.65 An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. network low complexity nlnetlabs CWE-400	7.5
2020-05-19	CVE-2020-12663	Infinite Loop vulnerability in multiple products Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-835	7.5
2020-05-19	CVE-2020-12662	Resource Exhaustion vulnerability in multiple products Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-400	7.5
2019-11-19	CVE-2019-18934	OS Command Injection vulnerability in multiple products Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. network low complexity nlnetlabs fedoraproject opensuse CWE-78	7.3