Lucene search
K

38 matches found

Tenable Nessus
Tenable Nessus
added 2025/07/22 12:0 a.m.10 views

F5 Networks BIG-IP : c-ares vulnerability (K000149130)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6.1 / 17.1.3 / 17.5.1.2. It is, therefore, affected by a vulnerability as referenced in the K000149130 advisory. The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be...

7.5CVSS7.8AI score0.0331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the...

7.5CVSS7.6AI score0.0331EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2025/01/03 5:50 p.m.17 views

K000149130: c-ares vulnerability CVE-2017-1000381

Security Advisory Description The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. CVE-2017-1000381 Impact An authenticated...

7.5CVSS8.6AI score0.0331EPSS
Exploits0Affected Software12
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.33 views

Ubuntu 16.04 ESM / 18.04 ESM : Node.js vulnerabilities (USN-4796-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4796-1 advisory. Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An...

8.8CVSS7.2AI score0.41288EPSS
Exploits0References10
OSV
OSV
added 2023/08/31 12:16 p.m.1 views

BELL-CVE-2017-1000381 CVE-2017-1000381 does not affect BellSoft software

Bulletin has no description...

7.5CVSS7.3AI score0.0331EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2019-0277)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.41288EPSS
Exploits0References23
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2017:2168-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.05478EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2017:1792-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.1AI score0.0331EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2020-1480)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.08583EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/23 8:41 p.m.20 views

Security Bulletin: IBM Integration Bus is affected by Node.js security vulnerability ( CVE-2017-1000381 and CVE-2017-11499 )

Summary IBM Integration Bus has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the aresparsenaptrreply function when parsing NAPTR responses...

7.5CVSS1.5AI score0.05478EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2019-1805)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.08583EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/09/17 12:0 a.m.25 views

EulerOS Virtualization for ARM 64 3.0.2.0 : c-ares (EulerOS-SA-2019-1950)

According to the versions of the c-ares package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in c-ares. A hostname with an escaped trailing dot such as 'hello.' would have its size...

9.8CVSS7.4AI score0.08583EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/23 12:0 a.m.27 views

EulerOS 2.0 SP5 : c-ares (EulerOS-SA-2019-1805)

According to the versions of the c-ares packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in c-ares. A hostname with an escaped trailing dot such as 'hello.' would have its size calculated incorrectly, leadin...

9.8CVSS7.4AI score0.08583EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.23 views

SUSE SLES12 Security Update : nodejs4, nodejs6 (SUSE-SU-2017:2168-1)

This update for nodejs4 and nodejs6 fixes the following issues: Security issues fixed : - CVE-2017-1000381: The c-ares function aresparsenaptrreply could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. bsc1044946 ...

7.5CVSS7.7AI score0.05478EPSS
Exploits1References11
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.50 views

Security Bulletin: Multiple vulnerabilities might affect IBM® SDK for Node.js™

Summary Vulnerabilities in Node.js and the c-ares library were disclosed on July 11 2017 by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-11499 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by a flaw relate...

7.5CVSS0.8AI score0.05478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.38 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK for Node.js™ in IBM Bluemix

Summary Vulnerabilities in Node.js and the c-ares library were disclosed on July 11 2017 by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remote attacker to obtain sensitive informatio...

7.5CVSS0.5AI score0.05478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.32 views

Security Bulletin: Multiple vulnerabilities in Node.js affects IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux

Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i RPG and COBOL + Modernization Tools, Java and EGL editions, and Rational Developer for AIX and Linux. Multiple Node.js vulnerabilities have been discovered that...

7.5CVSS0.6AI score0.05478EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.28 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM API Connect (CVE-2017-1000381, CVE-2017-11499)

Summary IBM API Connect has addressed Node.js vulnerabilities involving access to sensitive information and potential denial of service. Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read...

7.5CVSS1.8AI score0.05478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:7 a.m.34 views

Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect IBM Business Process Manager (BPM) Configuration Editor

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remot...

7.5CVSS0.8AI score0.05478EPSS
Exploits1Affected Software3
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.24 views

openSUSE Security Update : nodejs4 / nodejs6 (openSUSE-2017-948)

This update for nodejs4 and nodejs6 fixes the following issues : Security issues fixed : - CVE-2017-1000381: The c-ares function aresparsenaptrreply could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. bsc1044946...

7.5CVSS7.7AI score0.05478EPSS
Exploits1References17
Rows per page
Query Builder