CVE-2022-1183 : Destroying a TLS session early causes assertion failure

Description

On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch.
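The two conditions in the description (an affected release, and `http` referenced in a listen-on statement) can be checked mechanically. The following Python is an added example, not code from ISC or from the original advisory. The function names, the sample configuration and the `local-tls` / `local-http` names are constructed for illustration, and treating `listen-on-v6` as one of "the listen-on statements" is an assumption.

```python
import re

# Keep quoted strings; blank out /* */, // and # comments (named.conf accepts all three).
_STR_OR_COMMENT = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
# A listen-on / listen-on-v6 statement header, up to the address-match-list brace.
_LISTEN = re.compile(r'(?<![\w-])(listen-on(?:-v6)?)(?![\w-])([^{};]*)\{')
# The "http <name>" option inside that header.
_HTTP = re.compile(r'(?<![\w-])http\s+\S+')

def http_listeners(conf_text):
    """Return the listen-on statement headers that reference http."""
    text = _STR_OR_COMMENT.sub(
        lambda m: m.group(0) if m.group(0).startswith('"') else " ", conf_text)
    hits = []
    for m in _LISTEN.finditer(text):
        if _HTTP.search(m.group(2)):
            hits.append(" ".join((m.group(1) + m.group(2)).split()))
    return hits

def is_affected_version(version):
    """True for 9.18.0 through 9.18.2 and for 9.19.0, the range given above."""
    m = re.match(r'(\d+)\.(\d+)\.(\d+)', version)
    if not m:
        return False
    v = tuple(int(x) for x in m.groups())
    return (9, 18, 0) <= v <= (9, 18, 2) or v == (9, 19, 0)

def exposed(version, conf_text):
    """Affected release AND at least one listen-on statement using http."""
    return is_affected_version(version) and bool(http_listeners(conf_text))

# Constructed sample configuration (not taken from any real server).
SAMPLE_CONF = '''
http local-http { endpoints { "/dns-query"; }; };
options {
    listen-on port 53 { any; };
    listen-on port 853 tls local-tls { any; };   # DoT only
    // listen-on port 443 tls local-tls http default { any; };
    listen-on-v6 port 443 tls local-tls http local-http { any; };
};
'''

if __name__ == "__main__":
    for stmt in http_listeners(SAMPLE_CONF):
        print("DoH listener:", stmt)
    print("exposed on 9.18.1:", exposed("9.18.1", SAMPLE_CONF))
    print("exposed on 9.18.3:", exposed("9.18.3", SAMPLE_CONF))
```

The DoT-only listener and the commented-out line are not reported, which matches the statement that configurations using DoT alone are unaffected.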

For more information

https://kb.isc.org/docs/cve-2022-1183

Common Vulnerabilities and Exposures

CVE-2024-39565 : JUNIPER NETWORKS JUNOS OS UP TO 23.4R1-S1 J-WEB XPATH INJECTION

Description An Improper Neutralization of Data within XPath Expressions (‘XPath Injection’) vulnerability in J-Web shipped with Juniper Networks Junos OS

CVE-2024-6624 : JSON API USER PLUGIN UP TO 3.9.3 ON WORDPRESS REMOTE CODE EXECUTION

Description The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including,

CVE-2024-37310 : EVEREST CORE PRIOR 2024.3.1/2024.6.0 V2G_SERVER.CPP V2G_INCOMING_V2GTP HEAP-BASED OVERFLOW

Description EVerest is an EV charging software stack. An integer overflow in the “v2g_incoming_v2gtp” function in the v2g_server.cpp implementation can