Known Vulnerabilities for products from Nic
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Nic".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-46317 json | Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers. | 7.5 - HIGH | 2023-10-22 | 2023-11-01 |
| CVE-2023-26249 json | Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causin... | 7.5 - HIGH | 2023-02-21 | 2023-03-02 |
| CVE-2022-40188 json | Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic comp... | 7.5 - HIGH | 2022-09-23 | 2023-11-07 |
| CVE-2022-32983 json | Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters. | 5.3 - MEDIUM | 2022-06-20 | 2022-06-27 |
| CVE-2021-40083 json | Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too... | 7.5 - HIGH | 2021-08-25 | 2021-08-30 |
| CVE-2021-26928 json | ** DISPUTED ** BIRD through 2.0.7 does not provide functionality for password authentication of BGP peers. Because of this, p... | 6.8 - MEDIUM | 2021-06-04 | 2023-11-07 |
| CVE-2021-3346 json | Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template. | 9.8 - CRITICAL | 2021-01-29 | 2021-02-02 |
| CVE-2020-12667 json | Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "... | 7.5 - HIGH | 2020-05-19 | 2023-11-07 |
| CVE-2019-19331 json | knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very man... | 7.5 - HIGH | 2019-12-16 | 2019-12-17 |
| CVE-2019-16159 json | BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's su... | 7.5 - HIGH | 2019-09-09 | 2023-11-07 |
| CVE-2019-10191 json | A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgra... | 7.5 - HIGH | 2019-07-16 | 2023-02-12 |
| CVE-2019-10190 json | A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows rem... | 7.5 - HIGH | 2019-07-16 | 2023-02-12 |
| CVE-2018-1000002 json | Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-i... | 3.7 - LOW | 2018-01-22 | 2019-11-06 |
| CVE-2018-10920 json | Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. | 6.8 - MEDIUM | 2018-08-02 | 2020-02-18 |
| CVE-2018-1110 json | A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service. | 7.5 - HIGH | 2021-03-30 | 2021-04-02 |
| CVE-2014-0486 json | Knot DNS before 1.5.2 allows remote attackers to cause a denial of service (application crash) via a crafted DNS message. | 7.5 - HIGH | 2018-03-27 | 2018-04-19 |
| CVE-2013-5661 json | Cache Poisoning issue exists in DNS Response Rate Limiting. | 5.9 - MEDIUM | 2019-11-05 | 2019-11-08 |
Known software with vulnerabilities from Nic
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Nic | Bird | 1.6.0 |
| Application | Nic | Foris | 101.1 |
| Application | Nic | Knot Cms | 1.5.2 |
| Application | Nic | Knot Resolver | 1.0.0 |