Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2022/05/10 2:23 p.m.6 views

c-ares: Missing input validation of host names may lead to domain hijacking

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

6.8CVSS7.1AI score0.02617EPSS
Exploits1References5
Microsoft CVE
Microsoft CVE
added 2021/11/27 8:0 a.m.5 views

A flaw was found in c-ares library where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

...

6.8CVSS6.9AI score0.02617EPSS
Exploits1
CNVD
CNVD
added 2020/05/26 12:0 a.m.1 views

EM-HTTP-Request Trust Management Issues Vulnerability

EM-HTTP-Request is an asynchronous HTTP client from Ilya Grigorik Software Developers of the United States , which supports automatic gzip and deflate decoding , streaming response processing , streaming file uploads and authentication . A trust management issue vulnerability exists in...

7.4CVSS6.9AI score0.00905EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/04/02 5:29 p.m.4 views

CVE-2018-9127

Botan 2.2.0 - 2.4.0 fixed in 2.5.0 improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...

9.8CVSS5.6AI score0.00963EPSS
Exploits0References2
Rows per page
Query Builder