stichting nlnet labs
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting stichting nlnet labs.
- CVE-2025-11411Possible domain hijacking via promiscuous records in the authority section7.4
- CVE-2025-5994Cache poisoning via the ECS-enabled Rebirthday Attack7.5
- CVE-2024-8508Unbounded name compression could lead to Denial of Service5.3
- CVE-2024-43168Unbound: heap-buffer-overflow in unbound4.8
- CVE-2024-43167Unbound: null pointer dereference in unbound2.8
- CVE-2024-33655The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses ...7.5
- CVE-2024-1931Denial of service when trimming EDE text on positive replies7.5
- CVE-2024-1488Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation8.0
- CVE-2022-3204NRDelegation Attack7.5
- CVE-2022-30699Novel "ghost domain names" attack by updating almost expired delegation information6.5
- CVE-2022-30698Novel "ghost domain names" attack by introducing subdomain delegations6.5
- CVE-2020-19861When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt...7.5
- CVE-2020-19860When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a z...6.5
- CVE-2019-25031Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider t...5.9
- CVE-2019-25032Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running ...9.8