Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-10377

Malicious code in bioql PyPI...

8.3CVSS7.2AI score0.00555EPSS
Exploits0References3
NVD
NVD
added 2025/04/08 2:15 p.m.16 views

CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

8.3CVSS0.00555EPSS
Exploits0References4
OSV
OSV
added 2025/04/08 2:15 p.m.5 views

DEBIAN-CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

8.3CVSS6.7AI score0.00555EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 1:53 p.m.17 views

CVE-2025-31498 c-ares has a use-after-free in read_answers()

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

8.3CVSS0.00555EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.5 views

PT-2025-15436

Name of the Vulnerable Software and Affected Versions c-ares versions 1.32.3 through 1.34.4 Node.js versions prior to 22.15.0 Description A use-after-free vulnerability exists in the read answers function of c-ares, a library used for asynchronous DNS resolution. This occurs when process answer m...

9.8CVSS7.5AI score0.00718EPSS
Exploits0References70
RedHat Linux
RedHat Linux
added 2011/09/12 7:40 p.m.4 views

kernel: sctp: a race between ICMP protocol unreachable and connect()

Race condition in the sctpicmpprotounreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service panic via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and...

7.1CVSS6.1AI score0.02523EPSS
Exploits0References4
NVD
NVD
added 2011/01/11 3:0 a.m.31 views

CVE-2010-4526

Race condition in the sctpicmpprotounreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service panic via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and...

7.1CVSS6AI score0.02523EPSS
Exploits0References12
Prion
Prion
added 2011/01/11 3:0 a.m.30 views

Race condition

Race condition in the sctpicmpprotounreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service panic via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and...

7.1CVSS6.8AI score0.02523EPSS
Exploits0References12Affected Software3
CVE
CVE
added 2011/01/11 1:0 a.m.128 views

CVE-2010-4526

CVE-2010-4526 describes a race condition in the Linux kernel between 2.6.11-rc2 and 2.6.33 in sctp_icmp_proto_unreachable (net/sctp/input.c). An ICMP Unreachable to a socket that is already locked by a user can free the socket and trigger list corruption via sctp_wait_for_connect, enabling remote...

7.1CVSS5.8AI score0.02523EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2011/01/11 1:0 a.m.26 views

CVE-2010-4526

Race condition in the sctpicmpprotounreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service panic via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and...

5.9AI score0.02523EPSS
Exploits0References12
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.17 views

CVE-2001-0861

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service CPU consumption by flooding the router with traffic that generates a large number of ICMP Unreachable replies...

6.6AI score0.01675EPSS
Exploits0References5
CVE
CVE
added 2002/03/09 5:0 a.m.64 views

CVE-2001-0861

The CVE-2001-0861 issue affects Cisco 12000 Series routers running IOS 12.0 with Engine 2 (and earlier) line cards, where a remote attacker can cause a denial of service by flooding the device with traffic that generates a large number of ICMP Unreachable replies, degrading throughput due to CPU ...

5CVSS6.6AI score0.01675EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2001/12/06 5:0 a.m.16 views

CVE-2001-0861

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service CPU consumption by flooding the router with traffic that generates a large number of ICMP Unreachable replies...

5CVSS6.6AI score0.01675EPSS
Exploits0References5
securityvulns
securityvulns
added 2001/11/15 12:0 a.m.22 views

Многочисленные проблемы в Cisco 12000 (DoS, protection bypass)

Многочисленные проблемы в реализации IP-фильтрации, большое количество ICMP Unreachable приводит к снижению производительности...

1.3AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2001/11/15 12:0 a.m.41 views

Cisco Security Advisory: ICMP Unreachable vulnerability in Cisco 12000 Series

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: ICMP Unreachable vulnerability in Cisco 12000 Series Internet Router Revision 1.0 For Public Release 2001 November 14 08:00 UTC -0800 Summary The performance of Cisco 12000 series routers can be degraded when they have to send a large...

7.1AI score
Exploits0
Rows per page
Query Builder