Lucene search
K

47 matches found

CVE
CVE
added 5 days ago7 views

CVE-2026-40454

CVE-2026-40454 affects the Apache IoTDB C++ client. The issue is an out-of-bounds read caused by improper input validation in the TsBlock deserializer, which can crash the client when processing malformed server data. Affected ranges are IoTDB C++ client: 1.3.5–1.3.7 and 2.0.5–2.0.9; upgrading to...

7.5CVSS6.1AI score0.00278EPSS
Exploits0References2
Fedora
Fedora
added 2026/07/03 1:9 a.m.8 views

[SECURITY] Fedora 43 Update: cpp-httplib-0.48.0-1.fc43

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code!...

9.9CVSS6.7AI score0.00632EPSS
Exploits6
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.23 views

PT-2026-48892

Name of the Vulnerable Software and Affected Versions OpenTelemetry-cpp versions prior to 1.27.0 Description The OTLP HTTP exporters for traces, metrics, and logs read the complete HTTP response into an in-memory vector of bytes without implementing a size limit. This can lead to memory exhaustio...

5.3CVSS5.9AI score0.00206EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.9 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : XML-RPC for C and C++ vulnerabilities (USN-8313-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8313-1 advisory. It was discovered that Expat, vendored in XML-RPC, incorrectly handled certain files. An...

9.8CVSS7.1AI score0.34174EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in cp-demangle.c of GNU libiberty, as part of GNU Binutils 2.31. There is a stack consumption vulnerability caused by infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could exploit this vulnerability to caus...

5.5CVSS6.8AI score0.01686EPSS
Exploits1References2
Fedora
Fedora
added 2026/04/25 1:55 a.m.9 views

[SECURITY] Fedora 44 Update: qt6-qtscxml-6.10.3-1.fc44

The Qt SCXML module provides functionality to create state machines from SCXM L files. This includes both dynamically creating state machines loading the SCXML file and instantiating states and transitions and generating a C++ file that has a class implementing the state machine. It also contains...

5.4AI score
Exploits0
Fedora
Fedora
added 2026/04/03 5:4 p.m.4 views

[SECURITY] Fedora 42 Update: libopenmpt-0.8.6-1.fc42

libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

6AI score
Exploits0
Fedora
Fedora
added 2026/04/01 12:57 a.m.6 views

[SECURITY] Fedora 43 Update: cpp-httplib-0.38.0-1.fc43

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code!...

8.7CVSS5.7AI score0.00179EPSS
Exploits1
NVD
NVD
added 2026/03/31 6:16 p.m.6 views

CVE-2026-32725

SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass when processing path-based scopes in tokens. The library normalizes the scope path from the token before authorization and collapses "....

8.3CVSS0.00834EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.8 views

Fedora 43 : insight (2026-0106837085)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0106837085 advisory. New upstream snapshot. Fixes CVEs 2025-11494, 2025-11495, 2026-2341, 2026-3441, 2026-3442. Fixes CVEs 2025-69644, 2025-69645, 2025-69646. Fixes FTBF...

7.1CVSS6.4AI score0.00255EPSS
Exploits5References9
OSV
OSV
added 2026/03/04 7:36 p.m.5 views

CVE-2026-28435 Payload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplib

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

7.5CVSS5.6AI score0.00418EPSS
Exploits1References4
PyPA
PyPA
added 2026/02/17 2:16 p.m.50 views

PYSEC-2026-113

Use After Free vulnerability in Apache Arrow C++.This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...

7CVSS5.6AI score0.00807EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/02/17 1:18 p.m.8 views

CVE-2026-25087

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...

7CVSS5.8AI score0.00807EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

libiberty 安全漏洞

libiberty is a collection of subroutines used by GNU programs within the American GNU community. There is a security vulnerability in libiberty, which can cause applications to crash due to a specially crafted C++ symbol deconstruction...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/10 6:43 a.m.9 views

SUSE-SU-2026:0412-1 Security update for abseil-cpp

This update for abseil-cpp fixes the following issues: Update to 20240116.3 - CVE-2025-0838: Fixed potential integer overflow in hash container create/resize bsc1237543...

9.8CVSS5.8AI score0.00563EPSS
Exploits0References3
OSV
OSV
added 2026/01/29 10:35 a.m.3 views

SUSE-SU-2026:0338-1 Security update for abseil-cpp

This update for abseil-cpp fixes the following issues: - CVE-2025-0838: Fixed heap buffer overflow in sized constructors, reserve, and rehash methods of absl:flat,nodehashset,map bsc1237543...

9.8CVSS7.3AI score0.00563EPSS
Exploits0References3
Amazon
Amazon
added 2026/01/05 12:0 a.m.10 views

Important: ecs-service-connect-agent

Issue Overview: There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission...

9.8CVSS7.5AI score0.01218EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.8 views

Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2025-093 (ALASECS-2025-093)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.34.4.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-093 advisory. There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with...

9.8CVSS6.9AI score0.01218EPSS
Exploits7References26
Debian CVE
Debian CVE
added 2026/01/01 5:54 p.m.8 views

CVE-2026-21428

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the writeheaders function does not check for CR & LF characters in user supplied headers, allowing untrusted header value to escape header lines. This vulnerability allows attackers to add...

8.7CVSS5.3AI score0.00372EPSS
Exploits1
Fedora
Fedora
added 2025/12/07 12:57 a.m.10 views

[SECURITY] Fedora 43 Update: tinygltf-2.9.7-1.fc43

TinyGLTF is a header only C++11 glTF 2.0 library...

7AI score
Exploits0
Rows per page
Query Builder