Lucene search
+L

226 matches found

Tenable Nessus
Tenable Nessus
added 2022/05/16 12:0 a.m.27 views

Rocky Linux 8 : c-ares (RLSA-2022:2043)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2043 advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.25 views

AlmaLinux 8 : c-ares (ALSA-2022:2043)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2043 advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostname...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2022/05/10 2:23 p.m.7 views

c-ares: Missing input validation of host names may lead to domain hijacking

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

6.8CVSS7.1AI score0.02617EPSS
Exploits1References5
Rockylinux
Rockylinux
added 2022/05/10 8:14 a.m.90 views

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

6.8CVSS6.3AI score0.02617EPSS
Exploits1
OSV
OSV
added 2022/05/10 8:14 a.m.26 views

ALSA-2022:2043 Moderate: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...

6.8CVSS6.3AI score0.02617EPSS
Exploits1References2
OSV
OSV
added 2022/05/10 8:14 a.m.29 views

RLSA-2022:2043 Moderate: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...

5.6CVSS6.7AI score0.02617EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2022/05/10 8:14 a.m.34 views

Moderate: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...

6.8CVSS6.4AI score0.02617EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.29 views

CentOS 8 : c-ares (CESA-2022:2043)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:2043 advisory. - c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 Note that Nessus has not tested for this issue but has instead relie...

6.8CVSS6.9AI score0.02617EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2022-1112)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.4AI score0.02617EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.27 views

EulerOS Virtualization 3.0.6.0 : c-ares (EulerOS-SA-2022-1057)

According to the versions of the c-ares packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.69 views

Rocky Linux 8 : nodejs:14 (RLSA-2021:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3666 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host...

9.8CVSS7.2AI score0.37286EPSS
Exploits5References18
Tenable Nessus
Tenable Nessus
added 2022/01/06 12:0 a.m.22 views

EulerOS Virtualization 3.0.2.6 : c-ares (EulerOS-SA-2021-2882)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/12/31 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-2882)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.2AI score0.02617EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/12/30 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-2841)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.2AI score0.02617EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2021/11/27 8:0 a.m.6 views

A flaw was found in c-ares library where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

...

6.8CVSS6.9AI score0.02617EPSS
Exploits1
NVD
NVD
added 2021/11/23 7:15 p.m.22 views

CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

6.8CVSS0.02617EPSS
Exploits1References5
OSV
OSV
added 2021/11/23 7:15 p.m.3 views

ALPINE-CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

5.6CVSS6.4AI score0.02617EPSS
Exploits1References1
OSV
OSV
added 2021/11/23 7:15 p.m.4 views

DEBIAN-CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

5.6CVSS6.2AI score0.02617EPSS
Exploits1References1
OSV
OSV
added 2021/11/23 7:15 p.m.35 views

CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

5.6CVSS2.4AI score
Exploits0References5
OSV
OSV
added 2021/11/23 7:15 p.m.11 views

AZL-38359 CVE-2021-3672 affecting package ceph for versions less than 18.2.2-1

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

5.6CVSS6.6AI score0.02617EPSS
Exploits1References1
Rows per page
Query Builder