1296 matches found
MiracleLinux 9 : nodejs:18 (AXSA:2024-8154:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8154:01 advisory. nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service...
MiracleLinux 9 : c-ares-1.17.1-5.el9.1 (AXSA:2023-6019:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6019:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 Tenable has extracted the preceding description block directly from the MiracleLinux security...
MiracleLinux 9 : nodejs-16.20.2-8.el9_4 (AXSA:2024-8149:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8149:02 advisory. nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service...
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware
Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. "Attackers achieve...
MiracleLinux 8 : nodejs:20 (AXSA:2025-9918:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9918:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the MiracleLinux securi...
MiracleLinux 7 : c-ares-1.10.0-3.1.0.1.el7.AXS7 (AXSA:2025-10896:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10896:01 advisory. CVE-2016-5180: fix heap-based buffer overflow in the arescreatequery causing DoS CVEs: CVE-2016-5180 Heap-based buffer overflow in the arescreatequery...
MiracleLinux 8 : nodejs:22 (AXSA:2025-9926:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9926:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the precedi...
MiracleLinux 9 : nodejs:20 (AXSA:2025-10487:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10487:02 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : nodejs:22 (AXSA:2025-10479:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10479:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the...
ARES-v6.0-PRO
No d...
Siemens Ruggedcom ROX Buffer Over-read (CVE-2020-22217)
Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply in aresparsesoareply.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
c-ares-devel-1.34.6-1.1 on GA media (moderate)
c-ares-devel-1.34.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10007-1 Rating: moderate Cross-References: CVE-2025-62408 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2026:10007-1 c-ares-devel-1.34.6-1.1 on GA media
These are all security issues fixed in the c-ares-devel-1.34.6-1.1 package on the GA media of openSUSE Tumbleweed...
Debian: Security Advisory (DSA-6084-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 6084-1] c-ares security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6084-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 18, 2025 https://www.debian.org/security/faq -...
DSA-6084-1 c-ares - security update
Bulletin has no description...
Debian dsa-6084 : libc-ares-dev - security update
The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6084 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6084-1 [email protected] https://www.debian.org/security/...
FreeBSD : c-ares -- Use After Free (1adf9ece-d4a3-11f0-83a2-843a4b343614)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1adf9ece-d4a3-11f0-83a2-843a4b343614 advisory. https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5 reports: c-ares is an...
Ubuntu 25.04 / 25.10 : c-ares vulnerability (USN-7925-1)
The remote Ubuntu 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7925-1 advisory. It was discovered that c-ares incorrectly handled terminating certain queries after a maximum number of attempts. An attacker could possibly use this issue to...
Ubuntu: Security Advisory (USN-7925-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...