Lucene search
K

105 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in c-ares

A flaw was discovered in the c-ares library. A missing input validation check for host names returned by DNS Domain Name Servers can result in incorrect hostnames being displayed. This could potentially lead to Domain Hijacking. The greatest threat posed by this vulnerability is related to...

6.8CVSS6.7AI score0.02617EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.6 views

Debian dsa-6084 : libc-ares-dev - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6084 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6084-1 [email protected] https://www.debian.org/security/...

5.9CVSS5.5AI score0.0039EPSS
Exploits0References4
OSV
OSV
added 2025/12/18 12:0 a.m.6 views

DSA-6084-1 c-ares - security update

Bulletin has no description...

5.9CVSS6.9AI score0.0039EPSS
Exploits0
NVD
NVD
added 2025/12/08 10:15 p.m.4 views

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

5.9CVSS0.0039EPSS
Exploits0References2
OSV
OSV
added 2025/12/08 10:15 p.m.2 views

ALPINE-CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

5.9CVSS6.7AI score0.0039EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/12/08 10:4 p.m.3 views

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

5.9CVSS6.9AI score0.0039EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-6498

Malware in sbrugna...

3.3CVSS4AI score0.00529EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35463

Malicious code in bioql PyPI...

6.5CVSS7.2AI score0.00905EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35450

Malicious code in bioql PyPI...

3.7CVSS6.5AI score0.00936EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-22949

Malicious code in bioql PyPI...

5.5CVSS6.7AI score0.00349EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 1:52 p.m.20 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.10.0 Vulnerability Details CVEID:CVE-2025-46727 DESCRIPTION: Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and...

9.8CVSS10AI score0.03178EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: c-ares (TSSA-2022:0198)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0198 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
OSV
OSV
added 2025/05/07 7:11 p.m.3 views

RLSA-2024:4249 Low: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

4.4CVSS7AI score0.00349EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.50 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases / c-ares / pgbouncer (CVE-2021-3672)

The version of CBL-Mariner Releases / c-ares / pgbouncer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3672 advisory. - A flaw was found in c-ares library, where a missing input validation check...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
Fedora
Fedora
added 2025/04/24 3:29 a.m.13 views

[SECURITY] Fedora 40 Update: c-ares-1.34.5-1.fc40

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

8.3CVSS7.3AI score0.00555EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.5 views

The vulnerability of the C-ares asynchronous DNS query library, related to the possibility of using memory after it is freed, allows a hacker to cause a service failure.

The vulnerability of the C-ares asynchronous DNS query library is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

7CVSS6.6AI score0.00555EPSS
Exploits0References6Affected Software1
Fedora
Fedora
added 2025/04/21 4:47 p.m.12 views

[SECURITY] Fedora 41 Update: c-ares-1.34.5-1.fc41

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

8.3CVSS7AI score0.00555EPSS
Exploits0
Fedora
Fedora
added 2025/04/11 6:34 p.m.16 views

[SECURITY] Fedora 42 Update: c-ares-1.34.5-1.fc42

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

8.3CVSS7AI score0.00555EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-31498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query eithe...

8.3CVSS7.5AI score0.00555EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/04/08 1:53 p.m.6 views

CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

8.3CVSS7.4AI score0.00555EPSS
Exploits0References4
Rows per page
Query Builder