Lucene search
K

1296 matches found

Fedora
Fedora
added 5 days ago7 views

[SECURITY] Fedora 44 Update: c-ares-1.34.7-1.fc44

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-33630

A flaw was found in c-ares. A use-after-free / double-free vulnerability exists in the query-completion handling path, where a query callback is invoked while the query is still linked in internal lookup structures. A remote attacker can exploit this via aresgetaddrinfo over TCP by sending crafte...

7.5CVSS6AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.19 views

Linux Distros Unpatched Vulnerability : CVE-2026-33630

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free / double-free in query-completion handling fedora-all CVE-2026-33630 Note that Nessus relies on the presence of the package as reported by the...

6.1AI score
Exploits0References4
GithubExploit
GithubExploit
added 2026/06/07 4:13 p.m.76 views

ARES-v6.0-PRO-

No d...

5.4AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in c-ares

A flaw was discovered in the c-ares package. The aressetsortlist function lacks checks for the validity of the input string, which could lead to a stack overflow vulnerability with an arbitrary length. This issue may cause a denial of service or have a limited impact on confidentiality and...

8.6CVSS7.2AI score0.01232EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in c-ares

C-ares is an asynchronous resolver library. The aresinetnetpton function is vulnerable to a buffer underflow for certain IPv6 addresses. In particular, the address “0::00:00:00/2” was found to cause an issue. C-ares only uses this function internally for configuration purposes, and an administrat...

6.4CVSS6.9AI score0.00333EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in c-ares

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service attacks. When a target resolver sends a query, the attacker creates a malformed UDP packet with a length of 0 and sends it back to the target resolver. The target resolver misinterprets this 0-length field as an...

7.5CVSS6.3AI score0.01577EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in c-ares

A flaw was discovered in the c-ares library. A missing input validation check for host names returned by DNS Domain Name Servers can result in incorrect hostnames being displayed. This could potentially lead to Domain Hijacking. The greatest threat posed by this vulnerability is related to...

6.8CVSS6.7AI score0.02617EPSS
Exploits1References2
Redos
Redos
added 2026/05/12 12:0 a.m.28 views

ROS-20260512-73-0034

Vulnerability in c-ares related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

5.9CVSS7.2AI score0.00396EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: c-ares (UTSA-2026-017414)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017414 advisory. A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames...

6.8CVSS7.2AI score0.02617EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.13 views

openSUSE 16 Security Update : c-ares (openSUSE-SU-2026:20698-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20698-1 advisory. This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore...

5.9CVSS6.8AI score0.00396EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 9:37 a.m.7 views

OPENSUSE-SU-2026:20698-1 Security update for c-ares

This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...

5.9CVSS6.7AI score0.00396EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 9:36 a.m.9 views

SUSE-SU-2026:21584-1 Security update for c-ares

This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...

5.9CVSS6.7AI score0.00396EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 9:36 a.m.6 views

SUSE-SU-2026:21574-1 Security update for c-ares

This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...

5.9CVSS6.7AI score0.00396EPSS
Exploits0References3
OSV
OSV
added 2026/04/21 5:10 p.m.12 views

CLSA-2026-1776431757 c-ares: Fix of CVE-2022-4904

CVE-2022-4904: fix stack overflow in aressetsortlist due to missing input validation...

8.6CVSS7.3AI score0.01232EPSS
Exploits1References1
OSV
OSV
added 2026/04/17 1:22 p.m.11 views

CLSA-2026-1776432133 c-ares: Fix of CVE-2022-4904

CVE-2022-4904: fix stack overflow in aressetsortlist due to missing input validation...

8.6CVSS5.9AI score0.01232EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/04/10 6:46 p.m.7 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: c-ares: c-ares-1.34.6-3.1.hum1 aarch64, x8664 c-ares-devel-1.34.6-3.1.hum1 aarch64, x8664 c-ares-1.34.6-3.1.hum1.src src...

5.9CVSS7.1AI score0.00396EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 7:23 a.m.7 views

Security Bulletin: Denial of Service Vulnerability in c-ares Resolver (Versions 1.32.3–1.34.5), affects watsonx.data

Summary c-ares versions 1.32.3–1.34.5 contain a flaw where certain DNS queries may terminate prematurely after maximum retry attempts, potentially leading to a Denial of Service. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-62408 DESCRIPTION: c-ares is an asynchronous resolv...

5.9CVSS5.9AI score0.00396EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.6 views

NewStart CGSL MAIN 6.06 (SP) : c-ares Vulnerability (NS-SA-2026-0023)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has c-ares packages installed that are affected by a vulnerability: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames whi...

6.8CVSS7AI score0.02617EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2026/02/11 2:52 p.m.9 views

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines. The campaigns are...

6.5AI score
Exploits0
Rows per page
Query Builder