| CVE-2022-0934 |
AVG-2716 |
Medium |
Yes |
Denial of service |
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq,... |
| CVE-2021-3448 |
AVG-1703 |
Medium |
Yes |
Content spoofing |
A security issue was found in dnsmasq before version 2.85. When configured with --server=<address>@<interface> or similar (e.g. through dbus), dnsmasq... |
| CVE-2020-25687 |
AVG-1470 |
Medium |
Yes |
Denial of service |
A heap-based buffer overflow was discovered in dnsmasq before version 2.83 when DNSSEC is enabled and before it validates the received DNS entries. A remote... |
| CVE-2020-25686 |
AVG-1470 |
Medium |
Yes |
Insufficient validation |
A flaw was found when receiving a query, where dnsmasq before version 2.83 does not check for an existing pending request for the same name and forwards a... |
| CVE-2020-25685 |
AVG-1470 |
Medium |
Yes |
Insufficient validation |
When getting a reply from a forwarded query, dnsmasq before version 2.83 checks in forward.c:reply_query() which one is the forwarded query that matches the... |
| CVE-2020-25684 |
AVG-1470 |
Medium |
Yes |
Insufficient validation |
A flaw was found when getting a reply from a forwarded query, where dnsmasq before version 2.83 checks in forward.c:reply_query() if the reply destination... |
| CVE-2020-25683 |
AVG-1470 |
Medium |
Yes |
Denial of service |
A heap-based buffer overflow was discovered in dnsmasq before version 2.83 when DNSSEC is enabled and before it validates the received DNS entries. A remote... |
| CVE-2020-25682 |
AVG-1470 |
High |
Yes |
Arbitrary code execution |
A buffer overflow vulnerability was discovered in the way dnsmasq before version 2.83 extract names from DNS packets before validating them with DNSSEC... |
| CVE-2020-25681 |
AVG-1470 |
High |
Yes |
Arbitrary code execution |
A heap-based buffer overflow was discovered in dnsmasq before version 2.83 in the way it sorts RRSets before validating them with DNSSEC data. An attacker... |
| CVE-2017-15107 |
AVG-592 |
Medium |
Yes |
Insufficient validation |
A vulnerability was found in Dnsmasq's implementation of DNSSEC before 2.79. Wildcard synthesized NSEC records could be improperly interpreted to prove the... |
| CVE-2017-14496 |
AVG-421 |
High |
Yes |
Denial of service |
An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which... |
| CVE-2017-14495 |
AVG-421 |
High |
Yes |
Denial of service |
A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which... |
| CVE-2017-14494 |
AVG-421 |
Medium |
Yes |
Information disclosure |
An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it... |
| CVE-2017-14493 |
AVG-421 |
Critical |
Yes |
Arbitrary code execution |
A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An attacker on the local network could send a crafted DHCPv6 request to dnsmasq which would... |
| CVE-2017-14492 |
AVG-421 |
Critical |
Yes |
Arbitrary code execution |
A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. An attacker on the local network segment could send... |
| CVE-2017-14491 |
AVG-421 |
Critical |
Yes |
Arbitrary code execution |
A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which... |