Search CVE reports


Toggle filters

1 – 10 of 14 results


CVE-2019-19794

Medium priority
Needs evaluation

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.

1 affected packages

golang-github-miekg-dns

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-miekg-dns Not affected Not affected Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2018-17419

Medium priority
Needs evaluation

An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.

1 affected packages

golang-github-miekg-dns

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-miekg-dns Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2017-15133

Unknown priority
Ignored

A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections.

1 affected packages

golang-github-miekg-dns

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-miekg-dns Not affected Not in release
Show less packages

CVE-2008-4776

Low priority

Some fixes available 6 of 7

libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.

3 affected packages

ekg, kadu, libgadu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ekg
kadu
libgadu
Show less packages

CVE-2007-1665

Unknown priority
Fixed

Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

1 affected packages

ekg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ekg
Show less packages

CVE-2007-1664

Unknown priority
Fixed

ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.

1 affected packages

ekg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ekg
Show less packages

CVE-2007-1663

Unknown priority
Fixed

Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

1 affected packages

ekg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ekg
Show less packages

CVE-2005-2448

Unknown priority
Fixed

Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.

3 affected packages

centericq, centerim, ekg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
centericq
centerim
ekg
Show less packages

CVE-2005-2370

Unknown priority
Fixed

Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an...

4 affected packages

centericq, centerim, ekg, gaim

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
centericq
centerim
ekg
gaim
Show less packages

CVE-2005-2369

Unknown priority
Fixed

Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.

3 affected packages

centericq, centerim, ekg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
centericq
centerim
ekg
Show less packages