Lucene search

299 matches found

CNNVD
added 2025/08/03 12:0 a.m. · 4 views

iperf security vulnerability

iperf is an ESnet open source tool for actively measuring the maximum bandwidth achievable on an IP network. A security vulnerability exists in iperf versions prior to 3.19.1, which stems from the existence of a Base64 decoding assertion failure in iperfauth.c that could cause the application to...

CVSS 5.3 · AI score 5.2 · EPSS 0.00385
Exploits: 0 · References: 2

RedHat Linux
added 2025/07/01 4:31 p.m. · 9 views

infinispan: Credential Leakage in Infinispan CLI

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

CVSS 5.5 · AI score 5.7 · EPSS 0.00137
Exploits: 0 · References: 4

RedhatCVE
added 2025/05/23 1:15 a.m. · 8 views

CVE-2022-29937

USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but for example an OS command for base64 decoding is not blocked. NOTE: this is not an Oracle Corporation product...

CVSS 9 · AI score 6.9 · EPSS 0.0139
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 9:3 p.m. · 5 views

CVE-2021-24117

In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single...

CVSS 4.9 · AI score 6.6 · EPSS 0.02221
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 4:54 p.m. · 10 views

CVE-2020-9476

ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding...

CVSS 7.5 · AI score 7.4 · EPSS 0.00961
Exploits: 0 · References: 1

NVD
added 2025/04/10 9:15 p.m. · 13 views

CVE-2025-29917

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...

CVSS 6.2 · EPSS 0.0022
Exploits: 0 · References: 3

Positive Technologies
added 2025/03/20 12:0 a.m. · 2 views

PT-2025-12028

Name of the Vulnerable Software and Affected Versions: Horovod versions up to and including v0.28.1. Description: The issue is due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. Specifically, the put value method in ElasticRendezvousHandler...

CVSS 9.8 · AI score 7.4 · EPSS 0.01021
Exploits: 1 · References: 6

Positive Technologies
added 2025/01/14 12:0 a.m. · 4 views

PT-2026-2938

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.20.1. Description: FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw related to Base64 decoding. A global-buffer-overflow can occur due to implementation-defined char signedness on...

CVSS 9.8 · AI score 6.7 · EPSS 0.0195
Exploits: 11 · References: 157

Positive Technologies
added 2025/01/01 12:0 a.m. · 3 views

PT-2025-11968 · Suricata +1

Name of the Vulnerable Software and Affected Versions: Suricata versions affected versions not specified Description: The issue concerns a problem where the decode base64 signature can cause large memory allocation. This could potentially lead to issues with the Suricata package in Debian Linux...

CVSS 7.5 · AI score 6 · EPSS 0.0022
Exploits: 0 · References: 22

RedHat Linux
added 2024/11/12 9:36 a.m. · 2 views

freerdp: out-of-bounds read

A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an out-of-bounds read. This issue occurs when the WCHAR string is read with twice the size it has and converted to UTF-8, base64 decoded. The string is only used to compare against the redirection server...

CVSS 9.8 · AI score 5.7 · EPSS 0.00769
Exploits: 0 · References: 5

OSV
added 2024/10/24 6:15 p.m. · 3 views

CVE-2024-10295

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue c...

CVSS 7.5 · AI score 5.8 · EPSS 0.00387
Exploits: 0 · References: 2

Vulnrichment
added 2024/10/24 5:55 p.m. · 8 views

CVE-2024-10295 Gateway: apicast basic auth bypass via malformed base64 headers: sending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue c...

CVSS 7.5 · AI score 6.9 · EPSS 0.00387
Exploits: 0 · References: 2

Cvelist
added 2024/10/24 5:55 p.m. · 18 views

CVE-2024-10295 Gateway: apicast basic auth bypass via malformed base64 headers: sending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue c...

CVSS 7.5 · EPSS 0.00387
Exploits: 0 · References: 2

Positive Technologies
added 2024/10/23 12:0 a.m. · 4 views

PT-2024-7496 · Red Hat · Red Hat 3Scale Api Management

Name of the Vulnerable Software and Affected Versions: Red Hat 3scale API Management affected versions not specified Description: A flaw in the authentication mechanism of Red Hat 3scale API Management allows unauthorized access to the backend. This occurs when a non-base64 'basic' auth with...

CVSS 7.5 · AI score 7.5 · EPSS 0.00387
Exploits: 0 · References: 7

NVD
added 2024/09/28 7:15 a.m. · 31 views

CVE-2024-23967

Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although...

CVSS 8 · EPSS 0.00892
Exploits: 0 · References: 1

Vulnrichment
added 2024/09/28 6:12 a.m. · 22 views

CVE-2024-23967 Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability

Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although...

CVSS 8 · AI score 7.9 · EPSS 0.00892
Exploits: 0 · References: 1

Cvelist
added 2024/09/28 6:12 a.m. · 34 views

CVE-2024-23967 Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability

Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although...

CVSS 8 · EPSS 0.00892
Exploits: 0 · References: 1

SUSE CVE
added 2024/08/23 2:26 a.m. · 3 views

SUSE CVE-2024-45192

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVSS 5.3 · AI score 7 · EPSS 0.00536
Exploits: 1 · References: 3

NVD
added 2024/08/22 4:15 p.m. · 34 views

CVE-2024-45192

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVSS 5.3 · EPSS 0.00536
Exploits: 1 · References: 4

OSV
added 2024/08/22 4:15 p.m. · 16 views

CVE-2024-45192

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVSS 5.3 · AI score 7.5
Exploits: 0 · References: 4