PowerDNS Recursor Multiple DoS Vulnerabilities (2018-06, 2018-07)

PowerDNS Recursor is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Red Hat 389 Directory Server Denial of Service Vulnerability (CNVD-2019-02473)

Red Hat 389 Directory Server formerly known as Fedora Directory Server is an enterprise-class Linux directory server from Red Hat. The server fully supports the LDAPv3 specification and features scalability, multi-master replication, and more. A security vulnerability exists in the 'dosearch'...

The vulnerability of the SQL Server database management system, caused by buffer overflows, allows attackers to execute arbitrary code.

The vulnerability of the SQL Server database management system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted query from a remote location...

Microsoft SQL Server Buffer Overflow Vulnerability

Microsoft SQL Server is the United States Microsoft Microsoft company develops and maintains a set of applications in the Microsoft Windows system under the large commercial database system. A buffer overflow vulnerability exists in Microsoft SQL Server 2017, SQL Server SP1 and SP2. A remote...

CVE-2018-9852

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated hy sid=user,password%20from%20mysql.user%23...

DNSmasq Denial of Service Vulnerability (CNVD-2017-29272)

DNSmasq is a small and handy tool for configuring DNS and DHCP for small networks that provides DNS functionality and optional DHCP functionality. A denial of service vulnerability exists in DNSmasq 2.77 and earlier versions, which allows remote attackers to cause the target service to crash by...

The vulnerability of the Connman connection manager (“dnsproxy.c”) allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Connman connection manager “dnsproxy.c” is caused by buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to cause a service failure or execute arbitrary code using a specially created text string in the response to a query that includes th...

The vulnerability of the SQLite component in Mac OS X and iOS operating systems allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the SQLite component in Mac OS X and iOS operating systems arises from buffer overflows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure application termination by using a specially crafted SQL query...

The vulnerability of the SQLite component in Mac OS X and iOS operating systems allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the SQLite component in Mac OS X and iOS operating systems arises from the execution of an operation beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption, application...

The vulnerability of the SQLite component in Mac OS X and iOS operating systems allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the SQLite component in Mac OS X and iOS operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure application termination by using a specially crafted SQL quer...

OpenLDAP ldapsearch pagesize Double Free Denial of Service (CVE-2017-9287)

A double free vulnerability exists in the ldapsearch function of OpenLDAP. The vulnerability is due to improper handling of ldapsearch queries with a pagesize of 0. A remote attacker can exploit this vulnerability by sending a crafted query to he target OpenLDAP server...

UBUNTU-CVE-2017-2520

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...

UBUNTU-CVE-2017-3136

A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were...

MariaDB Server 10.2.x < 10.2.4 Multiple DoS

Binary data 700000.prm...

CVE-2016-7434

The readmrulist function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service crash via a crafted mrulist query...

Design/Logic Flaw

The readmrulist function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service crash via a crafted mrulist query...

CVE-2016-7434

The readmrulist function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service crash via a crafted mrulist query...

ISC BIND 'buffer.c' Assertion Failure Denial of Service Vulnerability - Windows

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

Debian DLA-645-1 : bind9 security update

CVE-2016-2775 lwresd crash with long query name Backport of upstream commit 38cc2d14e218e536e0102fa70deef99461354232. CVE-2016-2776 assertion failure due to unspecified crafted query Fix based on 43139-9-9.patch from ISC. For Debian 7 'Wheezy', these problems have been fixed in version...

VulnCheck KEV: CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...