Vulnerabilities > Thekelleys

DATE CVE VULNERABILITY TITLE RISK
2024-06-06 CVE-2023-49441 Integer Overflow or Wraparound vulnerability in Thekelleys Dnsmasq 2.9
dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.
network
low complexity
thekelleys CWE-190
7.5
2024-02-14 CVE-2023-50387 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue.
7.5
2023-03-15 CVE-2023-28450 Unspecified vulnerability in Thekelleys Dnsmasq
An issue was discovered in Dnsmasq before 2.90.
network
low complexity
thekelleys
7.5
2022-08-29 CVE-2022-0934 A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq.
network
low complexity
thekelleys redhat
7.5
2022-01-01 CVE-2021-45951 Out-of-bounds Write vulnerability in Thekelleys Dnsmasq 2.86
Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard).
network
low complexity
thekelleys CWE-787
critical
9.8
2022-01-01 CVE-2021-45952 Out-of-bounds Write vulnerability in Thekelleys Dnsmasq 2.86
Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp).
network
low complexity
thekelleys CWE-787
critical
9.8
2022-01-01 CVE-2021-45953 Out-of-bounds Write vulnerability in Thekelleys Dnsmasq 2.86
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c).
network
low complexity
thekelleys CWE-787
critical
9.8
2022-01-01 CVE-2021-45954 Out-of-bounds Write vulnerability in Thekelleys Dnsmasq 2.86
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth).
network
low complexity
thekelleys CWE-787
critical
9.8
2022-01-01 CVE-2021-45955 Out-of-bounds Write vulnerability in Thekelleys Dnsmasq 2.86
Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion.
network
low complexity
thekelleys CWE-787
critical
9.8
2022-01-01 CVE-2021-45956 Out-of-bounds Write vulnerability in Thekelleys Dnsmasq 2.86
Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply).
network
low complexity
thekelleys CWE-787
critical
9.8