Lucene search
K

140 matches found

CNNVD
CNNVD
added 2025/08/06 12:0 a.m.4 views

POCO 安全漏洞

POCO is a cross-platform C++ library open-sourced by POCO. It is used to build web and internet based applications that run on desktop, server, mobile, IoT and embedded systems. A security vulnerability exists in POCO v1.14.1-release that stems from a weak encryption issue...

7CVSS6.5AI score0.00124EPSS
Exploits0References3
CVE
CVE
added 2025/08/06 12:0 a.m.48 views

CVE-2025-45766

CVE-2025-45766 relates to the Poco library, specifically version 1.14.1-release , which is described as having a weakness in encryption. The description notes a dispute over whether key lengths should be determined by the application using the library rather than by the library itself. The connec...

7CVSS6.7AI score0.00124EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/07/08 12:0 a.m.4 views

OPENSUSE-SU-2025:15322-1 libPocoActiveRecord112-1.14.2-1.1 on GA media

These are all security issues fixed in the libPocoActiveRecord112-1.14.2-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS5.8AI score0.00851EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/06/23 11:21 p.m.3 views

SUSE CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

3.3CVSS3.5AI score0.00207EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/06/21 3:43 a.m.4 views

CVE-2025-6375

A flaw was found in Poco. The MultipartInputStream function in Net/src/MultipartReader.cpp contains a NULL pointer dereference triggered by crafted input. This flaw allows a local attacker to cause a denial of service. Manipulation occurs during the processing of multipart data. The vulnerability...

4.8CVSS6.7AI score0.00207EPSS
Exploits1References2
Snyk
Snyk
added 2025/06/21 1:41 a.m.2 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the MultipartInputStream function in the file Net/src/MultipartReader.cpp. An attacker can cause a denial of service by triggering a null pointer dereference through crafted input processed locally...

5.5CVSS6.8AI score0.00207EPSS
Exploits1References2
NVD
NVD
added 2025/06/21 1:15 a.m.7 views

CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

5.5CVSS0.00207EPSS
Exploits1References7
OSV
OSV
added 2025/06/21 1:15 a.m.3 views

DEBIAN-CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

5.5CVSS3.2AI score0.00207EPSS
Exploits1References1
OSV
OSV
added 2025/06/21 1:15 a.m.7 views

CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

5.5CVSS7.1AI score
Exploits0References7
OSV
OSV
added 2025/06/21 1:15 a.m.4 views

UBUNTU-CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

5.5CVSS5.8AI score0.00207EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2025/06/21 12:31 a.m.4 views

CVE-2025-6375 poco MultipartReader.cpp MultipartInputStream null pointer dereference

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

4.8CVSS3.9AI score0.00207EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/06/21 12:31 a.m.12 views

CVE-2025-6375 poco MultipartReader.cpp MultipartInputStream null pointer dereference

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

4.8CVSS0.00207EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2025/06/21 12:31 a.m.6 views

CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

5.5CVSS3.2AI score0.00207EPSS
Exploits1
CVE
CVE
added 2025/06/21 12:31 a.m.33 views

CVE-2025-6375

CVE-2025-6375 affects Poco up to 1.14.1. The vulnerable element is the function MultipartInputStream in Net/src/MultipartReader.cpp , where input manipulation can cause a null pointer dereference . Exploitation requires local access . A fix is available in Poco 1.14.2 (patch: 6f2f85913c191ab9ddfb...

5.5CVSS4AI score0.00207EPSS
Exploits1References7Affected Software1
CNNVD
CNNVD
added 2025/06/21 12:0 a.m.2 views

POCO 安全漏洞

POCO is a cross-platform C++ library open-sourced by POCO. It is used to build web and internet based applications that run on desktop, server, mobile, IoT and embedded systems. A security vulnerability exists in POCO 1.14.1 and earlier versions, which stems from a null pointer dereference due to...

5.5CVSS4.5AI score0.00207EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/06/21 12:0 a.m.6 views

PT-2025-26479 · Poco +1 · Poco +1

Name of the Vulnerable Software and Affected Versions: Poco versions up to 1.14.1 Description: A null pointer dereference issue was found in the MultipartInputStream function of the file Net/src/MultipartReader.cpp. This issue can be exploited locally. The estimated number of potentially affected...

4.8CVSS3.5AI score0.00207EPSS
Exploits1References19
RedhatCVE
RedhatCVE
added 2025/05/23 6:16 a.m.5 views

CVE-2024-10412

A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. The manipulation of the argument picture leads to cross site scripting. The attack can be launched...

5.4CVSS6.4AI score0.00378EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.12 views

The vulnerability of the convert() and queryConvert() functions in the collections of POCO libraries for the C++ programming language allows a hacker to execute arbitrary code.

The vulnerability of the convert and queryConvert functions in POCO mobile phones is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS6.9AI score0.00851EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2025/04/20 12:7 a.m.8 views

OSV-2025-291 Use-of-uninitialized-value in Poco::Net::NTLMCredentials::parseChallengeMessage

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=411466303 Crash type: Use-of-uninitialized-value Crash state: Poco::Net::NTLMCredentials::parseChallengeMessage Poco::Net::HTTPNTLMCredentials::createNTLMMessage Poco::Net::HTTPNTLMCredentials::authenticate...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/20 12:0 a.m.4 views

PT-2025-19366 · Git +1 · Poco

Name of the Vulnerable Software and Affected Versions: Poco versions affected versions not specified Description: The software suffers from a use-of-uninitialized-value issue. This occurs within the Poco::Net::NTLMCredentials::parseChallengeMessage,...

6.9AI score
Exploits0References2
Rows per page
Query Builder