CVE-2005-2315

Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared. This vulnerability is addressed in the following product release: dnrd, dnrd, 2.19.1 This vulnerability affects all versions of dnrd prior to 2.19.1

Publication date: Sat, 31 Dec 2005 11:00:00 +0000

Cyber News related to CVE-2005-2315

CVE-2005-2315 - Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared. This vulnerability is addressed in the following product ...
16 years ago

CVE-2009-2315 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2204. Reason: This candidate is a duplicate of CVE-2009-2204. Notes: All CVE users should reference CVE-2009-2204 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2008-5031 - Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs ...
1 year ago

CVE-2008-2315 - Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) ...
1 year ago

CVE-2002-2315 - Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. ...
16 years ago

CVE-2007-2315 - MiniShare 1.5.4, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a flood of requests for new connections. ...
13 years ago

CVE-2013-2315 - data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 does not properly validate the input to the password reminder function, which allows remote attackers to obtain sensitive information via a crafted request. ...
11 years ago

CVE-2004-2315 - Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via an empty OPTIONS request. ...
7 years ago

CVE-2010-2315 - PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter. ...
7 years ago

CVE-2017-11663 - The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. ...
7 years ago

CVE-2012-2315 - admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges to arbitrary users via the userEdit action. ...
7 years ago

CVE-2014-2315 - Multiple cross-site scripting (XSS) vulnerabilities in the Thank You Counter Button plugin 1.8.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) thanks_caption, (2) thanks_caption_style, or (3) thanks_style ...
7 years ago

CVE-2011-2315 - Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security. ...
7 years ago

CVE-2015-2315 - Cross-site scripting (XSS) vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the target parameter in a reminder_popup action to the default URI. ...
6 years ago

CVE-2006-2315 - ** DISPUTED ** PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] parameter. NOTE: the vendor has disputed ...
6 years ago

CVE-2016-2315 - revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow. ...
1 year ago

CVE-2017-2315 - On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch ...
5 years ago

CVE-2019-2315 - While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...
5 years ago

CVE-2021-2315 - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker ...
3 years ago

CVE-2022-2315 - Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2. ...
2 months ago

CVE-2023-2315 - Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server ...
1 year ago

CVE-2020-2315 - Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. ...
1 year ago

CVE-2018-2315 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
54 years ago Tenable.com

CVE-2024-2315 - APTIOV contains a vulnerability in BIOS where may cause Improper Access Control by a local attacker. Successful exploitation of this vulnerability may lead to unexpected SPI flash modifications and BIOS boot kit launches, also impacting the ...
1 month ago Tenable.com

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago

Latest Cyber News

CVE-2024-31892 - 15 hours ago
CVE-2024-31891 - 15 hours ago
CVE-2024-11721 - 19 hours ago
CVE-2024-11720 - 19 hours ago
CVE-2024-12446 - 21 hours ago
CVE-2024-12628 - 21 hours ago
CVE-2024-11711 - 21 hours ago
CVE-2024-11712 - 21 hours ago
CVE-2024-11713 - 21 hours ago
CVE-2024-11714 - 21 hours ago
CVE-2024-11715 - 21 hours ago
CVE-2024-11710 - 21 hours ago
CVE-2024-10690 - 22 hours ago
CVE-2024-11752 - 22 hours ago
CVE-2024-12422 - 22 hours ago
CVE-2024-12459 - 22 hours ago
CVE-2024-12474 - 22 hours ago
CVE-2024-12501 - 22 hours ago
CVE-2024-10646 - 22 hours ago
CVE-2024-12578 - 23 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2022-43472 - 1 day ago
CVE-2022-44578 - 1 day ago
CVE-2022-45806 - 1 day ago
CVE-2022-45819 - 1 day ago
CVE-2022-45826 - 1 day ago
CVE-2022-45840 - 1 day ago
CVE-2022-45841 - 1 day ago
CVE-2022-46795 - 1 day ago
CVE-2022-46796 - 1 day ago
CVE-2022-46807 - 1 day ago
CVE-2022-46811 - 1 day ago
CVE-2022-46838 - 1 day ago
CVE-2022-46840 - 1 day ago
CVE-2022-46846 - 1 day ago
CVE-2022-47168 - 1 day ago
CVE-2022-47176 - 1 day ago
CVE-2022-47182 - 1 day ago
CVE-2022-47429 - 1 day ago
CVE-2022-47594 - 1 day ago
CVE-2023-22697 - 1 day ago