Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Nlnetlabs Subscribe
Filtered by product Unbound

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-25038 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2021-12-03 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.
CVE-2019-25035 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2021-12-03 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.
CVE-2019-25034 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2021-12-03 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.
CVE-2019-25033 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2021-12-03 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.
CVE-2019-25042 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2021-12-03 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.
CVE-2019-25039 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2021-12-03 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.
CVE-2019-25032 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2021-12-03 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.