Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/20 5:57 p.m.4 views

CVE-2026-32303

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, an integrity check vulnerability allows an attacker to tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism. Before this fix, the client trusted...

7.6CVSS5.8AI score0.0011EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.4 views

CVE-2026-27971

Qwik is a performance focused javascript framework. qwik =1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user to execute arbitrary code on the server with a single HTTP request. Affects any deployment where...

9.8CVSS6.4AI score0.04632EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 3: c-ares (TSSA-2023:0186)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0186 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS6.4AI score0.01577EPSS
Exploits0References2
OSV
OSV
added 2023/05/25 11:15 p.m.7 views

AZL-26918 CVE-2023-32067 affecting package fluent-bit for versions less than 2.1.10-1

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...

7.5CVSS6.6AI score0.01577EPSS
Exploits0References1
OSV
OSV
added 2023/05/25 10:15 p.m.7 views

AZL-26941 CVE-2023-31130 affecting package python-gevent for versions less than 21.1.2-3

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

6.4CVSS6.7AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2023/05/25 10:15 p.m.7 views

AZL-26922 CVE-2023-31130 affecting package grpc for versions less than 1.42.0-11

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

6.4CVSS6.7AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2023/05/25 10:15 p.m.2 views

DEBIAN-CVE-2023-31147

c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from the random number generator i...

6.5CVSS6.7AI score0.00905EPSS
Exploits0References1
OSV
OSV
added 2023/05/25 10:15 p.m.6 views

AZL-26876 CVE-2023-31147 affecting package python-gevent for versions less than 21.1.2-3

c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from the random number generator i...

6.5CVSS6.7AI score0.00905EPSS
Exploits0References1
Rows per page
Query Builder