Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Vulnrichment
Vulnrichmentadded 2025/04/05 12:0 a.m.5 views

CVE-2025-32366

In ConnMan through 1.44, parserr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohsrr-rdlen and memcpyresponse+offset,end,rdlen without a check for whether the sum of end and rdlen exceeds max. Consequently, rdlen may be larger than the amount of remaining...

4.8CVSS4.7AI score0.00194EPSS
Exploits0References4
CVE
CVEadded 2025/04/05 12:0 a.m.73 views

CVE-2025-32366

In ConnMan up to version 1.44, the DNS proxy code path parse_rr in dnsproxy.c uses a memcpy length derived from an RR RDLENGTH (rdlen) value without validating that end+rdlen stays within the remaining packet data. Specifically, rdlen is computed as ntohs(rr->rdlen) and memcpy(response+offset,...

4.8CVSS4.6AI score0.00194EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/04/05 12:0 a.m.3 views

PT-2025-15079 · Connman +1 · Connman +1

Name of the Vulnerable Software and Affected Versions: ConnMan versions 1.44 and earlier Description: The issue is related to a memcpy length that depends on an RR RDLENGTH value in the parse rr function in dnsproxy.c. This could potentially lead to issues due to the direct use of...

4.8CVSS3.9AI score0.00194EPSS
Exploits0References20
Mageia
Mageiaadded 2021/07/10 12:56 p.m.35 views

Updated connman packages fix security vulnerability

Updated connman packages fix security vulnerability. ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA CVE-2021-33833...

9.8CVSS4.3AI score0.00155EPSS
Exploits1References2
NVD
NVDadded 2021/06/09 6:15 p.m.18 views

CVE-2021-33833

ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA...

9.8CVSS0.00155EPSS
Exploits1References5
Prion
Prionadded 2021/06/09 6:15 p.m.15 views

Stack overflow

ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA...

7.5CVSS9.6AI score0.00155EPSS
Exploits1References5Affected Software2
UbuntuCve
UbuntuCveadded 2017/08/29 4:29 p.m.27 views

CVE-2017-12865

Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted response query string passed to the "name" variable...

9.8CVSS7.5AI score0.05021EPSS
Exploits0References1
CVE
CVEadded 2017/08/29 4:0 p.m.83 views

CVE-2017-12865

The CVE-2017-12865 entry describes a stack-based buffer overflow in ConnMan's dnsproxy.c (affecting ConnMan 1.34 and earlier). A crafted DNS response can crash the service or allow remote code execution, via the name variable. Public disclosures across multiple sources (GNUs/Gentoo GLSA, Debian D...

9.8CVSS9.5AI score0.05021EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder