Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2000-0404

Malware in sbrugna...

10CVSS6.4AI score0.08351EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-1540

Malware in sbrugna...

7.5CVSS8.6AI score0.0331EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 p.m.8 views

CVE-2020-25926

The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...

7.5CVSS6.9AI score0.01262EPSS
Exploits0
Prion
Prion
added 2023/04/13 7:15 a.m.22 views

Information disclosure

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...

5CVSS7.4AI score0.00354EPSS
Exploits0References1
CVE
CVE
added 2023/04/04 4:46 a.m.66 views

CVE-2022-25726

CVE-2022-25726 concerns information disclosure in Qualcomm modem data due to an array out-of-bounds access while handling the incoming DNS response packet. Affected component is Qualcomm chipsets/controllers with modem functionality; root cause described as improper bounds/length handling during ...

8.2CVSS7.6AI score0.00354EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/04 4:46 a.m.21 views

CVE-2022-25726 Buffer Over-read in MODEM

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...

8.2CVSS7AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2021/08/18 7:15 p.m.17 views

CVE-2020-25926

The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...

7.5CVSS0.01262EPSS
Exploits0References2
NVD
NVD
added 2021/08/18 7:15 p.m.23 views

CVE-2020-25928

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: DNS response processing functions: dnsupcall, getoffset, dncsetanswer. The attack vector is: a specific DNS response packet. The code does not che...

9.8CVSS0.03627EPSS
Exploits0References2
OSV
OSV
added 2021/08/18 7:15 p.m.3 views

CVE-2020-25928

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: DNS response processing functions: dnsupcall, getoffset, dncsetanswer. The attack vector is: a specific DNS response packet. The code does not che...

9.8CVSS6.1AI score0.03627EPSS
Exploits0References2
CVE
CVE
added 2021/08/18 6:35 p.m.59 views

CVE-2020-25926

Summary of CVE-2020-25926 (INFRA:HALT) in HCC Embedded/NicheStack: The DNS client in InterNiche NicheStack TCP/IP (pre-4.3) suffers from insufficient entropy in DNS transaction IDs, enabling remote DNS cache poisoning via specially crafted responses. The related ICS/National advisories enumerate ...

7.5CVSS7.9AI score0.01262EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/04/16 12:0 a.m.22 views

EulerOS Virtualization 3.0.2.2 : c-ares (EulerOS-SA-2020-1480)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Heap-based buffer overflow in the arescreatequery function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial o...

9.8CVSS8AI score0.08583EPSS
Exploits0References3
Veracode
Veracode
added 2019/01/15 9:20 a.m.28 views

Information Disclosure

rh-nodejs6-nodejs is vulnerable to information disclosure attacks. The vulnerability exists as the c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted i...

7.5CVSS7.1AI score0.0331EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2017/07/07 5:0 p.m.179 views

CVE-2017-1000381

The CVE affects the c-ares library, specifically the ares_parse_naptr_reply() function used to parse NAPTR responses. In c-ares versions prior to 1.13.0 (upstream fix in 1.13.0), a crafted DNS response can trigger an out-of-bounds read, causing memory access outside the input buffer. This can lea...

7.5CVSS7.4AI score0.0331EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2000/07/12 4:0 a.m.48 views

CVE-2000-0405

The CVE-2000-0405 entry affects L0pht AntiSniff and describes a buffer overflow in the way it handles DNS responses. A malformed DNS response packet could allow remote attackers to execute arbitrary commands on the affected system. The root cause is the overflow in the DNS-response processing pat...

10CVSS8.2AI score0.08351EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder