Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2965 matches found

Veracode
Veracodeadded 2023/03/17 5:10 a.m.23 views

Buffer Overflow

libpjsip.so is vulnerable to Buffer Overflow. The vulnerability is due to the DNS resolver located in dns.c because it does not properly configure the nameserver, which allows an attacker to cause memory corruption resulting in an application crash...

7.5CVSS7.4AI score0.0233EPSS
Exploits1References7Affected Software4
NVD
NVDadded 2023/03/14 5:15 p.m.19 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.6AI score0.0233EPSS
Exploits1References8
OSV
OSVadded 2023/03/14 5:15 p.m.1 views

ALPINE-CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.4AI score0.0233EPSS
Exploits1References1
OSV
OSVadded 2023/03/14 5:15 p.m.2 views

DEBIAN-CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS8.4AI score0.0233EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2023/03/14 5:15 p.m.38 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.3AI score0.0233EPSS
Exploits1References7
Prion
Prionadded 2023/03/14 5:15 p.m.21 views

Buffer overflow

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

5CVSS7.5AI score0.0233EPSS
Exploits1References7Affected Software1
OSV
OSVadded 2023/03/14 5:15 p.m.1 views

UBUNTU-CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.4AI score0.0233EPSS
Exploits1References8
Positive Technologies
Positive Technologiesadded 2023/03/14 12:0 a.m.1 views

PT-2023-21227 · Pjsip +4 · Pjsip +4

Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.13 and prior Description: A buffer overflow issue affects applications using the PJSIP DNS resolver, specifically in the parse query function. This issue does not impact PJSIP users who do not use the PJSIP DNS resolver...

9.8CVSS7.7AI score0.0462EPSS
Exploits2References102
Vulnrichment
Vulnrichmentadded 2023/03/14 12:0 a.m.5 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.6AI score0.0233EPSS
Exploits1References7
Cvelist
Cvelistadded 2023/03/14 12:0 a.m.24 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS8.2AI score0.0233EPSS
Exploits1References7
CVE
CVEadded 2023/03/14 12:0 a.m.163 views

CVE-2023-27585

Summary: CVE-2023-27585 affects the PJSIP DNS resolver in the pjproject library. The vulnerability is a buffer overflow in the parsing of DNS query records (parse_query()) for versions 2.13 and earlier. Impact: as described, it can cause a crash (availability impact) with no confidentiality/integ...

7.5CVSS7.5AI score0.0233EPSS
Exploits1References8Affected Software1
AlpineLinux
AlpineLinuxadded 2023/03/14 12:0 a.m.32 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.7AI score0.0233EPSS
Exploits1
OSV
OSVadded 2023/03/14 12:0 a.m.26 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.9AI score0.0233EPSS
Exploits1References10
Debian CVE
Debian CVEadded 2023/03/14 12:0 a.m.28 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS8.4AI score0.0233EPSS
Exploits1
Veracode
Veracodeadded 2023/02/26 7:45 p.m.20 views

Denial Of Service (DoS)

knot-resolver is vulnerable to Denial Of Service DoS. The vulnerability exists because the single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response, allowing an attacker to crash the application...

7.5CVSS7.2AI score0.00708EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVEadded 2023/02/22 2:54 a.m.4 views

SUSE CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.5CVSS6.8AI score0.00708EPSS
Exploits0References3
OpenVAS
OpenVASadded 2023/02/22 12:0 a.m.15 views

Knot Resolver < 5.6.0 DoS Vulnerability

Knot Resolver is prone to a denial of service DoS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

7.5CVSS7.5AI score0.00708EPSS
Exploits0References1
F5 Networks
F5 Networksadded 2023/02/21 7:59 p.m.256 views

K12331123: NGINX Plus and Open Source vulnerability CVE-2021-23017

Security Advisory Description An issue in NGINX resolver may allow an attacker who is able to forge UDP packets from the specified DNS server to cause a 1-byte memory overwrite, resulting in a worker process crash or other unspecified impact. CVE-2021-23017 Impact A remote attacker can cause a...

7.7CVSS8.3AI score0.52838EPSS
Exploits10Affected Software3
F5 Networks
F5 Networksadded 2023/02/21 7:57 p.m.18 views

K00724442: BIG-IP DNS and GTM DNSSEC security exposure

Security Advisory Description The BIG-IP DNSSEC implementation returns an incorrect NSEC3 record for a DNS query for a resource record type, which does not exist at given name. The incorrect record indicates that only one of TXT/HINFO/RP resource record types exists at given name, even if A or AA...

6.8AI score
Exploits0
F5 Networks
F5 Networksadded 2023/02/21 7:56 p.m.173 views

K07010600: BIND vulnerability CVE-2022-3080

Security Advisory Description By sending specific queries to the resolver, an attacker can cause named to crash. CVE-2022-3080 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported...

7.5CVSS7.6AI score0.01486EPSS
Exploits0
Rows per page
Query Builder