High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-06	CVE-2023-49441	Integer Overflow or Wraparound vulnerability in Thekelleys Dnsmasq 2.9 dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. network low complexity thekelleys CWE-190	7.5
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2023-03-15	CVE-2023-28450	Unspecified vulnerability in Thekelleys Dnsmasq An issue was discovered in Dnsmasq before 2.90. network low complexity thekelleys	7.5
2022-08-29	CVE-2022-0934	Use After Free vulnerability in multiple products A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. network low complexity thekelleys redhat CWE-416	7.5
2021-01-20	CVE-2020-25682	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in dnsmasq before 2.83. network high complexity thekelleys fedoraproject debian CWE-122	8.1
2021-01-20	CVE-2020-25681	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian CWE-122	8.1
2019-08-01	CVE-2019-14513	Out-of-bounds Read vulnerability in multiple products Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491. network low complexity thekelleys debian CWE-125	7.5
2017-10-03	CVE-2017-14496	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. network low complexity redhat google debian novell canonical thekelleys CWE-191	7.5
2017-10-03	CVE-2017-14495	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. network low complexity redhat debian canonical thekelleys CWE-772	7.5
2017-10-03	CVE-2017-13704	Improper Input Validation vulnerability in multiple products In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. network low complexity redhat debian novell canonical fedoraproject thekelleys CWE-20	7.5