140 matches found
POCO 安全漏洞
POCO is a cross-platform C++ library open-sourced by POCO. It is used to build web and internet based applications that run on desktop, server, mobile, IoT and embedded systems. A security vulnerability exists in POCO v1.14.1-release that stems from a weak encryption issue...
CVE-2025-45766
CVE-2025-45766 relates to the Poco library, specifically version 1.14.1-release , which is described as having a weakness in encryption. The description notes a dispute over whether key lengths should be determined by the application using the library rather than by the library itself. The connec...
OPENSUSE-SU-2025:15322-1 libPocoActiveRecord112-1.14.2-1.1 on GA media
These are all security issues fixed in the libPocoActiveRecord112-1.14.2-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2025-6375
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
CVE-2025-6375
A flaw was found in Poco. The MultipartInputStream function in Net/src/MultipartReader.cpp contains a NULL pointer dereference triggered by crafted input. This flaw allows a local attacker to cause a denial of service. Manipulation occurs during the processing of multipart data. The vulnerability...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the MultipartInputStream function in the file Net/src/MultipartReader.cpp. An attacker can cause a denial of service by triggering a null pointer dereference through crafted input processed locally...
CVE-2025-6375
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
DEBIAN-CVE-2025-6375
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
CVE-2025-6375
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
UBUNTU-CVE-2025-6375
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
CVE-2025-6375 poco MultipartReader.cpp MultipartInputStream null pointer dereference
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
CVE-2025-6375 poco MultipartReader.cpp MultipartInputStream null pointer dereference
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
CVE-2025-6375
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
CVE-2025-6375
CVE-2025-6375 affects Poco up to 1.14.1. The vulnerable element is the function MultipartInputStream in Net/src/MultipartReader.cpp , where input manipulation can cause a null pointer dereference . Exploitation requires local access . A fix is available in Poco 1.14.2 (patch: 6f2f85913c191ab9ddfb...
POCO 安全漏洞
POCO is a cross-platform C++ library open-sourced by POCO. It is used to build web and internet based applications that run on desktop, server, mobile, IoT and embedded systems. A security vulnerability exists in POCO 1.14.1 and earlier versions, which stems from a null pointer dereference due to...
PT-2025-26479 · Poco +1 · Poco +1
Name of the Vulnerable Software and Affected Versions: Poco versions up to 1.14.1 Description: A null pointer dereference issue was found in the MultipartInputStream function of the file Net/src/MultipartReader.cpp. This issue can be exploited locally. The estimated number of potentially affected...
CVE-2024-10412
A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. The manipulation of the argument picture leads to cross site scripting. The attack can be launched...
The vulnerability of the convert() and queryConvert() functions in the collections of POCO libraries for the C++ programming language allows a hacker to execute arbitrary code.
The vulnerability of the convert and queryConvert functions in POCO mobile phones is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
OSV-2025-291 Use-of-uninitialized-value in Poco::Net::NTLMCredentials::parseChallengeMessage
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=411466303 Crash type: Use-of-uninitialized-value Crash state: Poco::Net::NTLMCredentials::parseChallengeMessage Poco::Net::HTTPNTLMCredentials::createNTLMMessage Poco::Net::HTTPNTLMCredentials::authenticate...
PT-2025-19366 · Git +1 · Poco
Name of the Vulnerable Software and Affected Versions: Poco versions affected versions not specified Description: The software suffers from a use-of-uninitialized-value issue. This occurs within the Poco::Net::NTLMCredentials::parseChallengeMessage,...