Lucene search
K

7 matches found

OSV
OSV
added 2026/06/25 5:17 p.m.3 views

DEBIAN-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 3:43 p.m.4 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 3:43 p.m.31 views

CVE-2026-56123 socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS0.00308EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/05 6:21 a.m.4 views

CVE-2026-1678 dns: memory‑safety issue in the DNS name parser

dnsunpackname caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled default, a malicious DNS response can trigger an out-of-bounds wri...

9.4CVSS6AI score0.00376EPSS
Exploits1References1
CVE
CVE
added 2026/03/05 6:21 a.m.24 views

CVE-2026-1678

CVE-2026-1678 affects Zephyr’s DNS name parser. The function dns_unpack_name() caches the buffer tailroom and reuses it when appending DNS labels; as the buffer grows, the cached size can become incorrect, allowing the final null terminator to be written past the buffer. With assertions disabled ...

9.8CVSS6AI score0.00376EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/06/24 12:0 a.m.4 views

FreeRTOS-Plus-TCP Security Vulnerability

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP versions prior to 4.1.1 that stems from a buffer over-read in the DNS response parser...

9.6CVSS7AI score0.00615EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2017/09/14 6:0 a.m.2 views

CVE-2017-12995

The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:nsprint...

6.6AI score0.02406EPSS
Exploits0References7
Rows per page
Query Builder