High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-06	CVE-2023-49441	Integer Overflow or Wraparound vulnerability in Thekelleys Dnsmasq 2.9 dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. network low complexity thekelleys CWE-190	7.5
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2023-03-15	CVE-2023-28450	Unspecified vulnerability in Thekelleys Dnsmasq An issue was discovered in Dnsmasq before 2.90. network low complexity thekelleys	7.5
2022-08-29	CVE-2022-0934	A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. network low complexity thekelleys redhat	7.5
2021-01-20	CVE-2020-25682	A flaw was found in dnsmasq before 2.83. network high complexity thekelleys fedoraproject debian	8.1
2021-01-20	CVE-2020-25681	A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian	8.1
2019-08-01	CVE-2019-14513	Out-of-bounds Read vulnerability in multiple products Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491. network low complexity thekelleys debian CWE-125	7.5
2018-01-23	CVE-2017-15107	Unspecified vulnerability in Thekelleys Dnsmasq A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. network low complexity thekelleys	7.5
2017-10-03	CVE-2017-14496	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. network low complexity redhat google debian novell canonical thekelleys CWE-191	7.5
2017-10-03	CVE-2017-14495	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. network low complexity redhat debian canonical thekelleys CWE-772	7.5