67 matches found
USN-8024-1: Libwebsockets vulnerabilities
Raffaele Bova discovered that Libwebsockets incorrectly handled memory when the upgrade header is not valid in the WebSocket server. An attacker could possibly use this issue to cause a denial of service. CVE-2025-11677 Raffaele Bova discovered that Libwebsockets did not properly check the size o...
CVE-2025-11678
Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...
SUSE CVE-2025-11678
Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...
EUVD-2025-35057
Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...
CVE-2025-11678 Stack-based Buffer Overflow in libwebsockets DNS response parsing
Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...
Libwebsockets 安全漏洞
Libwebsockets is a canonical libwebsockets networking library open-sourced by lws-team. A security vulnerability exists in Libwebsockets that stems from a stack-based buffer overflow in the lwsadnsparselabel function when compiled with the LWSWITHSYSASYNCDNS flag enabled, which could lead to the...
EUVD-2024-22949
Malicious code in bioql PyPI...
NewStart CGSL MAIN 7.02 : c-ares Vulnerability (NS-SA-2025-0075)
The remote NewStart CGSL host, running version MAIN 7.02, has c-ares packages installed that are affected by a vulnerability: - c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASE...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2025-1453)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
c-ares security update
An update is available for c-ares. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...
c-ares security update
An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...
c-ares Installed (macOS)
Binary data macosc-aresinstalled.nbin...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2025-1104)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2881)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2900)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2808)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2824)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : c-ares (EulerOS-SA-2024-2900)
According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : c-ares is a C library for asynchronous DNS requests.aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2731)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2766)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...