CLSA-2025-1741216137 bind: Fix of CVE-2024-11187

CVE-2024-11187: limit additional section record while queries processing to prevent CPU exhaustion...

ROS-20250109-02

Vulnerability in dogtag-pki and pki-core packages is related to incorrect input validation during query processing LDAP. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process. authentication...

ROS-20240611-12

Vulnerability of the named DNS server daemon BIND is related to an operation overrunning the buffer boundaries in memory as a result of recursion during processing of received packets. as a result of uncontrolled recursion when processing received packets. Exploitation of the vulnerability could...

Fedora: Security Advisory for javaewah (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BIT-MEDIAWIKI-2021-41799

MediaWiki before 1.36.2 allows a denial of service resource consumption because of lengthy query processing time. ApiQueryBacklinks action=query&list=backlinks can cause a full table scan...

BIT-MEDIAWIKI-2021-41800

MediaWiki before 1.36.2 allows a denial of service resource consumption because of lengthy query processing time. Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled...

BIT-SQLITE-2020-35525

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing...

ISC BIND Security Vulnerability

ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability exists in ISC BIND that stems from a problem in the query processing code that could lead to an assertion failure...

EulerOS 2.0 SP8 : sqlite (EulerOS-SA-2023-3160)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing. CVE-2020-35525 Note that Tenable Network...

CVE-2023-50730 Grackle has StackOverflowError in GraphQL query processing

Grackle is a GraphQL server written in functional Scala, built on the Typelevel stack. The GraphQL specification requires that GraphQL fragments must not form cycles, either directly or indirectly. Prior to Grackle version 0.18.0, that requirement wasn't checked, and queries with cyclic fragments...

Grackle has StackOverflowError in GraphQL query processing

Impact Prior to this fix, the GraphQL query parsing was vulnerable to StackOverflowErrors. The possibility of small queries resulting in stack overflow is a potential denial of service vulnerability. This potentially affects all applications using Grackle which have untrusted users. !CAUTION No...

ROS-20230414-02

DNS server BIND vulnerability is related to reachable assertion in DNS query processing. Exploitation The vulnerability allows an attacker acting remotely to send repeated patterns of specific requests to servers with DNSSEC-Validated Cache synth-from-rom enabled. queries to servers with the...

PT-2023-12807 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure in the modem due to an improper check of IP type while processing a DNS server query. Recommendations: At the moment, there is no information...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2022-2779)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NULL Pointer Dereference

sqlite3 is vulnerable to null pointer dereference. The vulnerability exists due to the the INTERSEC query processing which cause a potential null pointer derreference...

CVE-2020-35525

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing...

CVE-2020-35525

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing...

UBUNTU-CVE-2020-35525

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing...

CVE-2020-35525

SQLite 3.31.1 contains a potential null pointer dereference in INTERSEC query processing (CVE-2020-35525). Affected products include sqlite3 libraries used by various distributions. Exploitation status is not described in the provided documents, but multiple advisories indicate remediation: Debia...

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2022:2713-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2713-1 advisory. - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of...