290 matches found
PT-2026-2938
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw related to Base64 decoding. A global-buffer-overflow can occur due to implementation-defined char signedness on...
PT-2025-11968 · Suricata +1 · Suricata +1
Name of the Vulnerable Software and Affected Versions: Suricata versions affected versions not specified Description: The issue concerns a problem where the decode base64 signature can cause large memory allocation. This could potentially lead to issues with the Suricata package in Debian Linux...
freerdp: out-of-bounds read
A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an out-of-bounds read. This issue occurs when the WCHAR string is read with twice the size it has and converted to UTF-8, base64 decoded. The string is only used to compare against the redirection server...
CVE-2024-10295
A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue c...
CVE-2024-10295 Gateway: apicast basic auth bypass via malformed base64 headerssending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request
A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue c...
CVE-2024-10295 Gateway: apicast basic auth bypass via malformed base64 headerssending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request
A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue c...
PT-2024-7496 · Red Hat · Red Hat 3Scale Api Management
Name of the Vulnerable Software and Affected Versions: Red Hat 3scale API Management affected versions not specified Description: A flaw in the authentication mechanism of Red Hat 3scale API Management allows unauthorized access to the backend. This occurs when a non-base64 'basic' auth with...
CVE-2024-23967
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although...
CVE-2024-23967 Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although...
CVE-2024-23967 Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although...
SUSE CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45192
CVE-2024-45192 affects Matrix libolm up to version 3.2.16. The issue is a cache-timing vulnerability caused by decoding group session keys with base64 in the libolm implementation of Olm, potentially exposing timing-related information. NOTE: the vulnerability targets products that are no longer ...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Poc
This repository contains a collection of proof-of-concept PoC exploits and tools for various vulnerabilities. The primary focus is on Java-based exploits, with some Python scripts also present. The Java exploits target vulnerabilities in Java applications, including a deserialization vulnerabilit...
DEBIAN-CVE-2024-32662
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when WCHAR string is read with twice the size it has and converted to UTF-8, base64 decoded. The string is only used to compare against t...