44 matches found
CVE-2024-34365
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to th...
EUVD-2013-4722
Malware in sbrugna...
EUVD-2024-1376
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-11015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file...
CVE-2025-11015
A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution. The exploit has bee...
DEBIAN-CVE-2025-11015
A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution. The exploit has bee...
CVE-2025-11015
A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution. The exploit has bee...
UBUNTU-CVE-2025-11017
A vulnerability was detected in OGRECave Ogre up to 14.4.1. The impacted element is the function Ogre::LogManager::stream of the file /ogre/OgreMain/src/OgreLogManager.cpp. Performing manipulation of the argument mDefaultLog results in null pointer dereference. The attack must be initiated from a...
UBUNTU-CVE-2025-11015
A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution. The exploit has bee...
CVE-2025-11017 OGRECave Ogre OgreLogManager.cpp stream null pointer dereference
A vulnerability was detected in OGRECave Ogre up to 14.4.1. The impacted element is the function Ogre::LogManager::stream of the file /ogre/OgreMain/src/OgreLogManager.cpp. Performing manipulation of the argument mDefaultLog results in null pointer dereference. The attack must be initiated from a...
CVE-2025-11014
A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...
PT-2025-39639
Name of the Vulnerable Software and Affected Versions OGRECave Ogre versions through 14.4.1 Description A flaw exists in OGRECave Ogre that relates to mismatched memory management routines. This issue is present in the STBIImageCodec::encode function located in the file...
GHSA-338X-HFX8-VX9X Apache Karaf Cave: Cave SSRF and arbitrary file access
This issue affects all versions of Apache Karaf Cave. As this project is retired, there are no plans to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that ar...
Apache Karaf Cave: Cave SSRF and arbitrary file access
This issue affects all versions of Apache Karaf Cave. As this project is retired, there are no plans to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that ar...
CVE-2024-34365
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to th...
CVE-2024-34365
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to th...
Apache Karaf 输入验证错误漏洞
Apache Karaf is a lightweight OSGi Java Dynamic Modular System container for deploying applications and components from the Apache Foundation USA. An input validation error vulnerability exists in Apache Karaf Cave that stems from improper input validation...
CVE-2024-34365 Apache Karaf Cave: Cave SSRF and arbitrary file access
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to th...
CVE-2024-34365 Apache Karaf Cave: Cave SSRF and arbitrary file access
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to th...
CVE-2024-34365
CVE-2024-34365 affects Apache Karaf Cave (all versions). The issue is an Improper Input Validation vulnerability enabling Server-Side Request Forgery and arbitrary file access. The project is retired, and there is no planned fix; mitigation is to restrict access to trusted users or migrate to an ...