1025 matches found
CVE-2023-40296
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets...
Stack overflow
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets...
Amazon Linux 2023 : poppler, poppler-cpp, poppler-cpp-devel (ALAS2023-2023-289)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-289 advisory. Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lea...
CVE-2023-40296
CVE-2023-40296 concerns the async-sockets-cpp library (versions ≤ 0.3.1), which contains a stack-based buffer overflow in the udpsocket.hpp file’s ReceiveFrom and Receive when handling malformed UDP packets. The Red Hat entry and multiple sources confirm the vulnerability details and affected com...
async-sockets-cpp buffer error vulnerability
async-sockets-cpp is a simple thread-based asynchronous TCP and UDP Socket class in C++. A security vulnerability exists in async-sockets-cpp version 0.3.1 and earlier, which stems from a buffer overflow vulnerability in ReceiveFrom and Receive when processing malformed UDP packets...
DEBIAN-CVE-2021-28025
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS)...
CVE-2023-38632
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets...
PT-2023-26535 · Unknown · Async-Sockets-Cpp
Name of the Vulnerable Software and Affected Versions: async-sockets-cpp versions 0.3.1 and earlier Description: The issue is a stack-based buffer overflow in the tcpsocket.hpp file when processing malformed TCP packets. This occurs due to improper handling of packet data, leading to a potential...
CVE-2023-38632
CVE-2023-38632 affects async-sockets-cpp up to version 0.3.1, with a stack-based buffer overflow in the file tcpsocket.hpp when processing malformed TCP packets. The Red Hat/CVE data and multiple catalogs corroborate a general vulnerability in the TCP handling path, but the sources do not provide...
CVE-2023-38632
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets...
async-sockets-cpp buffer error vulnerability
async-sockets-cpp is a simple thread-based asynchronous TCP and UDP Socket class in C++. A security vulnerability exists in async-sockets-cpp version 0.3.1 and earlier, which stems from a stack-based buffer overflow when handling malformed TCP packets...
CVE-2023-21213
In initiateTdlsTeardownInternal of staiface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2023-21206
In initiateVenueUrlAnqpQueryInternal of staiface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
OESA-2023-1365 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code. Security Fixes: Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the...
OESA-2023-1364 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code. Security Fixes: Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the...
Fedora 38 : cpp-httplib (2023-0070b20b20)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-0070b20b20 advisory. Update to https://github.com/yhirose/cpp-httplib/releases/tag/v0.12.5 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora: Security Advisory for cpp-httplib (FEDORA-2023-0070b20b20)
The remote host is missing an update for the...
SUSE CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...
SUSE CVE-2023-26130
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...
CVE-2023-26130
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...