📦 Unbound

CVE-2019-25032 is an integer overflow vulnerability in Unbound DNS resolver's regional allocator that could allow memory corruption. The vendor disputes exploitability, stating running installations c...

CVE-2019-25034 is an integer overflow vulnerability in Unbound DNS resolver's sldns_str2wire_dname_buf_origin function that can lead to out-of-bounds writes. This affects Unbound installations before ...

CVE-2019-25038 is an integer overflow vulnerability in Unbound DNS resolver's dnscrypt component that could allow memory corruption. The vulnerability affects Unbound installations before version 1.9....

CVE-2019-25042 is an out-of-bounds write vulnerability in Unbound DNS resolver versions before 1.9.5, triggered by specially crafted compressed DNS names. The vulnerability could allow remote code exe...

This vulnerability in NLnet Labs Unbound DNS resolver allows remote attackers to cause denial of service via an infinite loop when EDE (Extended DNS Error) records are enabled. The vulnerability affec...

CVE-2023-50387 (KeyTrap) is a DNSSEC protocol vulnerability that allows remote attackers to cause denial of service by exhausting CPU resources through specially crafted DNSSEC responses. The vulnerab...

CVE-2019-25036 is an assertion failure vulnerability in Unbound DNS resolver's synth_cname function that can cause denial of service. The vendor disputes exploitability, stating running installations ...

Unbound DNS resolver versions before 1.9.5 contain a vulnerability where specially crafted DNS responses with compressed domain names can trigger an infinite loop in the dname_pkt_copy function. This ...