Linux Distros Unpatched Vulnerability : CVE-2018-9138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions...

Linux Distros Unpatched Vulnerability : CVE-2025-53628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.20.1, cpp- httplib does not have a limit for a unique line,...

CVE-2025-20627

Uncontrolled search path for some IntelR oneAPI DPC++/C++ Compiler software before version 2025.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

OESA-2025-1840 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: CPP-HTTPLIB is a C++11 single file header that only cross-platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using transfer code:...

CVE-2022-41342

Improper buffer restrictions in the IntelR C++ Compiler Classic before version 2021.7.1 for some IntelR oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access...

Vulnerability of the development, debugging, and optimization tools for FPGA applications. The Intel oneAPI DPC++/C++ compiler’s support package is vulnerable due to an uncontrolled search path element, allowing attackers to exploit this vulnerability to gain enhanced privileges.

The vulnerability of the FPGA Support Package for the Intel oneAPI DPC++/C++ Compiler relates to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

SUSE CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

Medium: grpc

Issue Overview: There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission...

DEBIAN-CVE-2024-11407

There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network...

UBUNTU-CVE-2024-11407

There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network...

CVE-2024-43590

Visual C++ Redistributable Installer Elevation of Privilege Vulnerability...

SUSE CVE-2024-34580

Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...

USN-6590-1 xerces-c vulnerabilities

It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could...

HCL BigFix Platform Input Validation Error Vulnerability

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in HCL BigFix Platform xerces-c++ version 3.2.3,...

CVE-2022-26421

Uncontrolled search path element in the IntelR oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-39823

An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error...

SUSE-SU-2022:1073-1 Security update for yaml-cpp

This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue bsc1121227. - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap bsc1121230. - CVE-2019-6285: Fix...

Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...

securitylab

This repository is an offensive tool for a CodeQL query library. It contains various CodeQL queries for detecting vulnerabilities in C++ code, specifically targeting the ChakraCore and Chromium projects. The queries are designed to identify potential security issues, such as bad overflow checks,...

CVE-2021-32617

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic complexity was found in Exiv2 versions v0.27.3 and earlier. The inefficient algorithm is triggered when Exiv2 is used to write metadata int...