Lucene search
K

9 matches found

OSV
OSV
added 2024/02/28 5:47 a.m.5 views

MGASA-2024-0051 Updated c-ares packages fix security vulnerabilities

The updated packages fix a security vulnerability: Out of bounds read in aresreadline. CVE-2024-25629...

5.5CVSS6.7AI score0.00349EPSS
Exploits0References2
OSV
OSV
added 2023/02/27 8:27 p.m.8 views

MGASA-2023-0069 Updated c-ares packages fix security vulnerability

The configsortlist function is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow and thus may cause a denial of service. CVE-2022-4904...

8.6CVSS8.6AI score0.01232EPSS
Exploits1References3
Mageia
Mageia
added 2021/10/02 6:57 p.m.35 views

Updated c-ares packages fix security vulnerability

Missing input validation on hostnames returned by DNS servers. CVE-2021-3672...

6.8CVSS6.5AI score0.02617EPSS
Exploits1References6
OSV
OSV
added 2021/10/02 6:57 p.m.6 views

MGASA-2021-0453 Updated c-ares packages fix security vulnerability

Missing input validation on hostnames returned by DNS servers. CVE-2021-3672...

6.8CVSS7.4AI score0.02617EPSS
Exploits1References7
Photon
Photon
added 2021/08/12 12:0 a.m.32 views

Important Photon OS Security Update - PHSA-2021-0282

Updates of 'c-ares' packages of Photon OS have been released...

6.8CVSS1.7AI score0.02617EPSS
Exploits1
Mageia
Mageia
added 2021/01/08 1:59 p.m.11 views

Updated c-ares packages fix security vulnerabilities

Avoid read-heap-buffer-overflow in aresparsesoareply found during fuzzing. Avoid theoretical buffer overflow in RC4 loop comparison. Empty hquery-name could lead to invalid memory access. aresparsea,aaaareply could return a larger naddrttls than was passed in...

3AI score
Exploits0References2
OSV
OSV
added 2021/01/08 1:59 p.m.4 views

MGASA-2021-0007 Updated c-ares packages fix security vulnerabilities

Avoid read-heap-buffer-overflow in aresparsesoareply found during fuzzing. Avoid theoretical buffer overflow in RC4 loop comparison. Empty hquery-name could lead to invalid memory access. aresparsea,aaaareply could return a larger naddrttls than was passed in...

7.5AI score
Exploits0References3
OSV
OSV
added 2017/07/23 7:58 p.m.10 views

MGASA-2017-0215 Updated c-ares packages fix security vulnerability

The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way CVE-2017-1000381...

7.5CVSS7.5AI score0.0331EPSS
Exploits0References3
OSV
OSV
added 2016/10/21 2:48 p.m.8 views

MGASA-2016-0351 Updated c-ares packages fix security vulnerability

In c-ares before 1.12.0, When a string is passed in to 'arescreatequery' or 'aresmkquery' and uses an escaped trailing dot, like "hello.", c-ares calculates the string length wrong and subsequently writes outside of the the allocated buffer with one byte. The wrongly written byte is the least...

9.8CVSS9.4AI score0.08583EPSS
Exploits0References3
Rows per page
Query Builder