VYPR

Dnsmasq

by Thekelleys

CVEs (48)

  • CVE-2017-14492CriOct 3, 2017
    risk 0.74cvss 9.8epss 0.93

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

  • CVE-2017-14491CriOct 4, 2017
    risk 0.73cvss 9.8epss 0.85

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

  • CVE-2017-14493CriOct 3, 2017
    risk 0.73cvss 9.8epss 0.84

    Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

  • CVE-2017-14495HigOct 3, 2017
    risk 0.58cvss 7.5epss 0.84

    Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

  • CVE-2017-14496HigOct 3, 2017
    risk 0.57cvss 7.5epss 0.66

    Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

  • CVE-2017-13704HigOct 3, 2017
    risk 0.54cvss 7.5epss 0.65

    In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.

  • CVE-2026-6507HigApr 17, 2026
    risk 0.49cvss 7.5epss 0.00

    A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server configured with the `--dhcp-split-relay` option. This can lead to memory corruption,…

  • CVE-2017-15107HigJan 23, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

  • CVE-2015-8899HigJun 30, 2016
    risk 0.49cvss 7.5epss 0.02

    Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

  • CVE-2005-0877HigMay 2, 2005
    risk 0.49cvss 7.5epss 0.02

    Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.

  • CVE-2026-4892HigMay 11, 2026
    risk 0.48cvss 8.4epss 0.01

    A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet.

  • CVE-2026-2291HigMay 11, 2026
    risk 0.48cvss 7.3epss 0.01

    dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.

  • CVE-2017-14494MedOct 3, 2017
    risk 0.47cvss 5.9epss 0.68

    dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

  • CVE-2026-4890HigMay 11, 2026
    risk 0.42cvss 7.5epss 0.07

    A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

  • CVE-2026-5172HigMay 11, 2026
    risk 0.40cvss 7.3epss 0.01

    A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

  • CVE-2026-4893MedMay 11, 2026
    risk 0.27cvss 5.3epss 0.03

    An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.

  • CVE-2026-4891MedMay 11, 2026
    risk 0.27cvss 5.3epss 0.06

    A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

  • CVE-2020-25681Jan 20, 2021
    risk 0.04cvss epss 0.81

    A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to…

  • CVE-2009-2958Sep 2, 2009
    risk 0.04cvss epss 0.10

    The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.

  • CVE-2009-2957Sep 2, 2009
    risk 0.04cvss epss 0.13

    Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.

Page 1 of 3