Microsoft Azure Cognitive Service for Language Elevation of Privilege Vulnerability

Microsoft Azure Cognitive Service for Language is a cloud-based natural language processing service from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Azure Cognitive Service for Language, which is caused by a flaw in a customized question and answer. An attacker coul...

OESA-2025-2842 dhcp security update

The Dynamic Host Configuration Protocol DHCP is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...

CVE-2025-62408

A flaw was found in c-ares. This vulnerability allows a Denial of Service DoS via terminating a query after maximum attempts when using readanswer and processanswer functions. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the readanswer or processanswer functions when a query is terminated after reaching the maximum number of attempts. An attacker can cause a crash by triggering error conditions that lead to premature connection cleanup...

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

ALPINE-CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

UBUNTU-CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

EUVD-2025-201830

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

CVE-2025-62408 c-ares has a Use After Free vulnerability when connection is cleaned up after error

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

c-ares 资源管理错误漏洞

c-ares is a C library for asynchronous DNS requests from the c-ares individual developer. A resource management error vulnerability exists in c-ares versions 1.32.3 through 1.34.5, which stems from the readanswer and processanswer functions terminating a query after the maximum number of attempts...

c-ares -- Use After Free

https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5 reports: c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed i...

CLSA-2025-1764321323 bind: Fix of CVE-2025-40778

CVE-2025-40778: fix issue with BIND being too lenient when accepting records from answers to prevent the injection of forged data into the cache...

CVE-2025-12426 Quiz Maker <= 6.7.0.80 - Unauthenticated Sensitive Information Exposure

The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.0.80. This is due to the plugin exposing quiz answers through the aysquizcheckanswer AJAX action without proper authorization checks. The endpoint only validates a nonce,...

SUSE CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

EUVD-2025-35581

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

ALPINE-CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

AZL-68727 CVE-2025-40778 affecting package bind for versions less than 9.16.50-3

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

DEBIAN-CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...