Lucene search
+L

68 matches found

ubuntu
ubuntu
added 2026/02/11 12:58 p.m.19 views

USN-8024-1: Libwebsockets vulnerabilities

Raffaele Bova discovered that Libwebsockets incorrectly handled memory when the upgrade header is not valid in the WebSocket server. An attacker could possibly use this issue to cause a denial of service. CVE-2025-11677 Raffaele Bova discovered that Libwebsockets did not properly check the size o...

7.5CVSS6.3AI score0.00374EPSS
Exploits0
redhatcve
redhatcve
added 2025/10/21 11:18 p.m.6 views

CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.6CVSS6.7AI score0.00266EPSS
Exploits0References5
susecve
susecve
added 2025/10/20 11:40 p.m.4 views

SUSE CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.5CVSS6.8AI score0.00266EPSS
Exploits0References3
euvd
euvd
added 2025/10/20 3:30 p.m.5 views

EUVD-2025-35057

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.5CVSS6.6AI score0.00266EPSS
Exploits0References3
cvelist
cvelist
added 2025/10/20 1:51 p.m.13 views

CVE-2025-11678 Stack-based Buffer Overflow in libwebsockets DNS response parsing

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.5CVSS0.00266EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/10/20 12:0 a.m.5 views

Libwebsockets 安全漏洞

Libwebsockets is a canonical libwebsockets networking library open-sourced by lws-team. A security vulnerability exists in Libwebsockets that stems from a stack-based buffer overflow in the lwsadnsparselabel function when compiled with the LWSWITHSYSASYNCDNS flag enabled, which could lead to the...

7.5CVSS7.1AI score0.00266EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-22949

Malicious code in bioql PyPI...

5.5CVSS6.7AI score0.00349EPSS
Exploits0References5
nessus
nessus
added 2025/06/09 12:0 a.m.4 views

NewStart CGSL MAIN 7.02 : c-ares Vulnerability (NS-SA-2025-0075)

The remote NewStart CGSL host, running version MAIN 7.02, has c-ares packages installed that are affected by a vulnerability: - c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASE...

5.5CVSS7.2AI score0.00349EPSS
Exploits0References3
openvas
openvas
added 2025/05/19 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2025-1453)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.4AI score0.00349EPSS
Exploits0References2
rocky
rocky
added 2025/05/07 7:13 p.m.9 views

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

5.5CVSS6.1AI score0.00349EPSS
Exploits0
rocky
rocky
added 2025/05/07 7:11 p.m.11 views

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

5.5CVSS6.1AI score0.00349EPSS
Exploits0
nessus
nessus
added 2025/04/24 12:0 a.m.7 views

c-ares Installed (macOS)

Binary data macosc-aresinstalled.nbin...

7.3AI score
Exploits0References1
openvas
openvas
added 2025/02/05 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2025-1104)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00349EPSS
Exploits0References2
openvas
openvas
added 2024/11/11 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2808)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00349EPSS
Exploits0References2
openvas
openvas
added 2024/11/11 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2900)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00349EPSS
Exploits0References2
openvas
openvas
added 2024/11/11 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2881)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00349EPSS
Exploits0References2
openvas
openvas
added 2024/11/11 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2824)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00349EPSS
Exploits0References2
nessus
nessus
added 2024/11/08 12:0 a.m.11 views

EulerOS 2.0 SP10 : c-ares (EulerOS-SA-2024-2900)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : c-ares is a C library for asynchronous DNS requests.aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/...

5.5CVSS7.3AI score0.00349EPSS
Exploits0References2
openvas
openvas
added 2024/10/28 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2766)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00349EPSS
Exploits0References2
openvas
openvas
added 2024/10/28 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2731)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00349EPSS
Exploits0References2
Rows per page
Query Builder