1025 matches found
Astra Linux - уязвимость в abseil
There exists a heap buffer overflow vulnerability in Abseil-cpp. The constructor methods reserve and rehash, which are used to manage the size of the container’s backing store, do not impose an upper limit on the size of these methods’ arguments. As a result, a caller could pass a very large size...
Astra Linux - уязвимость в yaml-cpp
The SingleDocParser::HandleFlowSequence function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...
Astra Linux - уязвимость в zeromq3
An uncontrolled resource consumption memory leak flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a...
Astra Linux - уязвимость в yaml-cpp
The SingleDocParser::HandleNode function in yaml-cpp also known as LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...
Joern 4.0.528
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Joern 4.0.526
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
[SECURITY] [DSA 6228-1] cpp-httplib security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6228-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2026 https://www.debian.org/security/faq -...
Debian dsa-6228 : libcpp-httplib-dev - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6228 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6228-1 [email protected] https://www.debian.org/securit...
OPENSUSE-SU-2026:10573-1 cpp-httplib-devel-0.42.0-1.1 on GA media
These are all security issues fixed in the cpp-httplib-devel-0.42.0-1.1 package on the GA media of openSUSE Tumbleweed...
Linux Distros Unpatched Vulnerability : CVE-2025-14569
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function readaudiodata of the file /whisper.cpp/examples/common-whisper.cpp. T...
OESA-2026-1870 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored...
OESA-2026-1869 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored...
OESA-2026-1868 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored...
OESA-2026-1867 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored...
CVE-2026-5638 HerikLyma CPPWebFramework path traversal
A vulnerability was detected in HerikLyma CPPWebFramework up to 3.1. This issue affects some unknown processing. Performing a manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit is now public and may be used. The project was informed of the problem...
JLSEC-2026-22
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service assertion failure and application exit via a '!2' string...
SUSE CVE-2026-34441
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.40.0, cpp-httplib is vulnerable to HTTP Request Smuggling. The server's static file handler serves GET responses without consuming the request body. On HTTP/1.1 keep-alive connections, the unread...
Linux Distros Unpatched Vulnerability : CVE-2026-34441
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.40.0, cpp-httplib is vulnerable to HTTP Request Smuggling...
CVE-2026-34159 llama.cpp: Unauthenticated RCE via GRAPH_COMPUTE buffer=0 bypass in llama.cpp RPC backend
llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...
CVE-2026-34159
llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...