DEBIAN-CVE-2023-26130

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...

UBUNTU-CVE-2023-26130

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...

CVE-2023-26130

The CVE-2023-26130 issue affects yhirose/cpp-httplib

CVE-2023-26130

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...

CVE-2023-26130

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...

PT-2023-3153 · Yhirose · Cpp-Httplib

Name of the Vulnerable Software and Affected Versions: yhirose/cpp-httplib versions prior to 0.12.4 Description: The issue is related to the incomplete fix for a previous problem, which allows an attacker to inject arbitrary HTTP headers when untrusted user input is used to set the content-type...

CVE-2023-21094

In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

GitHub Security Lab: CPP: Add query for CWE-369: Divide By Zero.

Vulnerability description not provided...

CVE-2023-29584

mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp...

MP4v2 缓冲区错误漏洞

MP4v2 is a library for creating, modifying, and reading MP4 files by enzo1982 individual developers. A security vulnerability exists in MP4v2 version v2.0.0, which stems from the discovery of a heap buffer overflow vulnerability contained in the MP4GetVideoProfileLevel function via /src/mp4.cpp...

SUSE: Security Advisory (SUSE-SU-2023:1740-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : yaml-cpp (SUSE-SU-2023:1740-3)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1740-3 advisory. - The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service...

SUSE-SU-2023:1740-3 Security update for yaml-cpp

This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue bsc1121227. - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap bsc1121230. - CVE-2019-6285: Fix...

CVE-2023-21030

In Confirmation of keystorecliv2.cpp, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

CVE-2023-21031

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355...

Race condition

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355...

UBUNTU-CVE-2023-21031

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355...

CVE-2023-21031

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355...

CVE-2023-21031

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355...

CVE-2023-21031

CVE-2023-21031 describes a vulnerability in the Android graphics stack: in the function setPowerMode of HWC2.cpp there is a possible out-of-bounds read caused by a race condition. The issue could enable local information disclosure without requiring privileges or user interaction. Affected: Andro...