CVE search results

1 – 10 of 14 results

Detailed view

Sort by:

CVE-2019-19794

Medium priority

Needs evaluation

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.

1 affected packages

golang-github-miekg-dns

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
golang-github-miekg-dns	Not affected	Not affected	Needs evaluation	Needs evaluation	Not in release

CVE-2018-17419

Medium priority

Needs evaluation

An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.

1 affected packages

golang-github-miekg-dns

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
golang-github-miekg-dns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release

CVE-2017-15133

Unknown priority

Ignored

A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections.

1 affected packages

golang-github-miekg-dns

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
golang-github-miekg-dns	—	—	—	Not affected	Not in release

CVE-2008-4776

Low priority

Some fixes available 6 of 7

libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.

3 affected packages

ekg, kadu, libgadu

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ekg	—	—	—	—	—
kadu	—	—	—	—	—
libgadu	—	—	—	—	—

CVE-2007-1665

Unknown priority

Fixed

Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

1 affected packages

ekg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ekg	—	—	—	—	—

CVE-2007-1664

Unknown priority

Fixed

ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.

1 affected packages

ekg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ekg	—	—	—	—	—

CVE-2007-1663

Unknown priority

Fixed

Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

1 affected packages

ekg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ekg	—	—	—	—	—

CVE-2005-2448

Unknown priority

Fixed

Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.

3 affected packages

centericq, centerim, ekg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
centericq	—	—	—	—	—
centerim	—	—	—	—	—
ekg	—	—	—	—	—

CVE-2005-2370

Unknown priority

Fixed

Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an...

4 affected packages

centericq, centerim, ekg, gaim

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
centericq	—	—	—	—	—
centerim	—	—	—	—	—
ekg	—	—	—	—	—
gaim	—	—	—	—	—

CVE-2005-2369

Unknown priority

Fixed

Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.

3 affected packages

centericq, centerim, ekg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
centericq	—	—	—	—	—
centerim	—	—	—	—	—
ekg	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports