Huawei EulerOS: Security Advisory for libwebsockets (EulerOS-SA-2026-1404)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : libwebsockets (EulerOS-SA-2026-1373)

According to the versions of the libwebsockets package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the lwsadnsparselabel function when the LWSWITHSYSASYNCDNS flag is enabled during compilation. An attacker can execute arbitrary code or cause a crash by crafting a malicious DNS response with a label...

CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

PT-2025-42761

Name of the Vulnerable Software and Affected Versions libwebsockets affected versions not specified Description A stack-based buffer overflow exists in the lws adns parse label function within libwebsockets. This occurs when the LWS WITH SYS ASYNC DNS flag is enabled during compilation and an...

EUVD-2017-18045

Malware in sbrugna...

EUVD-2017-18044

Malware in sbrugna...

EUVD-2017-18041

Malware in sbrugna...

EUVD-2017-18047

Malware in sbrugna...

EUVD-2017-18043

Malware in sbrugna...

EUVD-2017-18042

Malware in sbrugna...

EUVD-2017-18046

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-9104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered. CVE-2017-9104 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2017-9107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and...

Linux Distros Unpatched Vulnerability : CVE-2017-9103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. papmailbox822 does not properly check st from adnsfindlabelnext. Without this, an uninitialised stack value can be...

Linux Distros Unpatched Vulnerability : CVE-2017-9109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the...

Linux Distros Unpatched Vulnerability : CVE-2017-9105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug m...

Linux Distros Unpatched Vulnerability : CVE-2017-9108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r,...

OPENSUSE-SU-2024:10612-1 adns-1.6.0-1.8 on GA media

These are all security issues fixed in the adns-1.6.0-1.8 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2008-4100

GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the...