Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.6 views

NewStart CGSL MAIN 6.06 (SP) : c-ares Vulnerability (NS-SA-2026-0023)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has c-ares packages installed that are affected by a vulnerability: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames whi...

6.8CVSS7AI score0.02617EPSS
Exploits1References3
Amazon
Amazon
added 2023/07/19 12:0 a.m.5 views

Medium: nodejs

Issue Overview: A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. CVE-2022-49...

8.6CVSS7.7AI score0.02023EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/07/12 8:33 a.m.7 views

c-ares: buffer overflow in config_sortlist() due to missing string length check

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

8.6CVSS7.5AI score0.01232EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/04/12 3:10 p.m.3 views

c-ares: buffer overflow in config_sortlist() due to missing string length check

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

8.6CVSS7.5AI score0.01232EPSS
Exploits1References5
OSV
OSV
added 2023/03/06 11:15 p.m.10 views

AZL-34775 CVE-2022-4904 affecting package grpc for versions less than 1.62.0-2

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

8.6CVSS7.1AI score0.01232EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/03/06 12:0 a.m.3 views

CVE-2022-4904

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

6.9AI score0.01232EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2021/11/27 8:0 a.m.5 views

A flaw was found in c-ares library where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

...

6.8CVSS6.9AI score0.02617EPSS
Exploits1
Rows per page
Query Builder