Lucene search
K

164 matches found

Debian CVE
Debian CVE
added 2022/01/28 12:0 a.m.33 views

CVE-2022-23096

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read...

9.1CVSS7.6AI score0.02598EPSS
Exploits1
OSV
OSV
added 2022/01/28 12:0 a.m.9 views

CVE-2022-23096

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read...

9.1CVSS9.2AI score0.02598EPSS
Exploits1References7
OSV
OSV
added 2022/01/28 12:0 a.m.8 views

CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received...

7.5CVSS9.2AI score0.02485EPSS
Exploits1References7
Cvelist
Cvelist
added 2022/01/28 12:0 a.m.27 views

CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received...

8.7AI score0.02485EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2022/01/28 12:0 a.m.55 views

CVE-2022-23096

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read...

9.1CVSS9.1AI score0.02598EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/01/28 12:0 a.m.100 views

CVE-2022-23097

An issue was discovered in the DNS proxy in Connman through 1.40. forwarddnsreply mishandles a strnlen call, leading to an out-of-bounds read...

9.1CVSS9.1AI score0.02372EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/01/28 12:0 a.m.52 views

CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received...

7.5CVSS8.4AI score0.02485EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/01/28 12:0 a.m.2 views

PT-2022-2657 · Connman +5 · Connman +5

Name of the Vulnerable Software and Affected Versions: Connman versions 1.40 and earlier Description: An issue was discovered in the DNS proxy in Connman. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read. This could all...

9.8CVSS6.8AI score0.03585EPSS
Exploits7References189
OSV
OSV
added 2022/01/28 12:0 a.m.9 views

CVE-2022-23097

An issue was discovered in the DNS proxy in Connman through 1.40. forwarddnsreply mishandles a strnlen call, leading to an out-of-bounds read...

9.1CVSS9.1AI score0.02372EPSS
Exploits1References7
OSV
OSV
added 2021/05/25 5:15 p.m.18 views

CVE-2021-23937

A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to...

7.5CVSS6.9AI score
Exploits0References4
Prion
Prion
added 2021/05/25 5:15 p.m.21 views

Design/Logic Flaw

A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to...

5CVSS7.5AI score0.0426EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2021/05/25 8:5 a.m.74 views

CVE-2021-23937

The CVE-2021-23937 issue is a DNS proxy/amplification vulnerability in Apache Wicket’s WebClientInfo. The root cause is failure to sanitize the X-Forwarded-For header, allowing arbitrary DNS lookups from the server. Affected versions include Wicket 9.x up to 9.2.0 and prior, 8.x up to 8.11.0 and ...

7.5CVSS7.5AI score0.0426EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/05/25 8:5 a.m.26 views

CVE-2021-23937 DNS proxy and possible amplification attack

A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to...

7.7AI score0.0426EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2021/04/22 4:59 p.m.125 views

USN-4924-1: Dnsmasq vulnerabilities

It was discovered that Dnsmasq incorrectly handled certain wildcard synthesized NSEC records. A remote attacker could possibly use this issue to prove the non-existence of hostnames that actually exist. CVE-2017-15107 It was discovered that Dnsmasq incorrectly handled certain large DNS packets. A...

7.5CVSS6.8AI score0.02646EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2021/03/20 12:0 a.m.27 views

Security update for connman (moderate)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2021:0452-1 Rating: moderate References: 1181751 Cross-References: CVE-2021-26675 CVE-2021-26676 CVSS scores: CVE-2021-26675 NVD : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-26676 NVD : 6.5...

8.8CVSS8.4AI score0.01301EPSS
Exploits0References1
OSV
OSV
added 2021/03/16 5:6 p.m.7 views

OPENSUSE-SU-2021:0416-1 Security update for connman

This update for connman fixes the following issues: Update to 1.39 boo1181751: Fix issue with scanning state synchronization and iwd. Fix issue with invalid key with 4-way handshake offloading. Fix issue with DNS proxy length checks to prevent buffer overflow. CVE-2021-26675 Fix issue with DHCP...

8.8CVSS7.9AI score0.01301EPSS
Exploits0References4
Kitploit
Kitploit
added 2020/09/23 11:30 a.m.46 views

Dnxfirewall - A Pure Python Next Generation Firewall Built On Top Of Linux Kernel/Netfilter

DNX Firewall is an optimized/high performance collection of applications or services to convert a standard linux system into a zone based next generation firewall. All software is designed to run in conjunction with eachother, but with a modular design certain aspects can be completely removed wi...

7.3AI score
Exploits0References4
Apple
Apple
added 2018/10/30 12:0 a.m.49 views

About the security content of watchOS 5.1

About the security content of watchOS 5.1 This document describes the security content of watchOS 5.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

9.3CVSS0.34173EPSS
Exploits11References1Affected Software1
Ubuntu
Ubuntu
added 2018/07/12 3:9 p.m.42 views

USN-3716-1: Dnsmasq update

This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover...

5.3AI score
Exploits0References1
OSV
OSV
added 2018/01/03 2:22 p.m.6 views

MGASA-2018-0036 Updated connman packages fix security vulnerability

Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service...

9.8CVSS9.7AI score0.05519EPSS
Exploits0References3
Rows per page
Query Builder