|
3721
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This i…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-25602
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3722
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too ma…
|
CWE-407
CWE-770
Inefficient Algorithmic Complexity
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41292
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3723
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbou…
|
CWE-125
CWE-166
Out-of-bounds Read
Improper Handling of Missing Special Element
|
CVE-2026-32792
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3724
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying …
|
CWE-416
CWE-672
Use After Free
Operation on a Resource after Expiration or Release
|
CVE-2026-33278
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3725
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could ren…
|
CWE-440
Expected Behavior Violation
|
CVE-2026-42534
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3726
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit…
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2026-42923
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3727
|
7.5 |
HIGH
Network
|
-
|
-
|
A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated a…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-9064
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3728
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the re…
|
CWE-197
CWE-787
Numeric Truncation Error
Out-of-bounds Write
|
CVE-2026-42944
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3729
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs …
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2026-42959
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3730
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority sec…
|
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
|
CVE-2026-42960
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
