
1025 matches found

Openbugbounty
added 2020/08/20 12:3 a.m. · 8 views

luonnonlaki.fi Cross Site Scripting vulnerability OBB-1266254

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

Exploits 0
Tenable Nessus
added 2020/07/27 12:0 a.m. · 26 views

GLSA-202007-14 : yaml-cpp: Denial of service

The remote host is affected by the vulnerability described in GLSA-202007-14 (yaml-cpp: Denial of service). The function Scanner::peek in scanner.cpp may have an assertion failure. Impact: An attacker could cause a possible Denial of Service condition. Workaround: There is no known workaround at...

7.5 CVSS · 7.4 AI score · 0.00637 EPSS
Exploits 1 · References 2
Openbugbounty
added 2020/07/24 1:6 a.m. · 7 views

bpp.rs Cross Site Scripting vulnerability OBB-1236454

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

6.2 AI score
Exploits 0
Positive Technologies
added 2020/07/16 12:0 a.m. · 1 views

PT-2020-6589 · Libproxy +5 · Libproxy +5

Name of the Vulnerable Software and Affected Versions: libproxy versions prior to 0.4.16 Description: The issue is related to a buffer overflow in the url.cpp file of libproxy when PAC is enabled. This can be triggered by a large PAC file delivered without a Content-length header, potentially...

9.8 CVSS · 9.5 AI score · 0.00717 EPSS
Exploits 1 · References 60
Positive Technologies
added 2020/06/01 12:0 a.m. · 1 views

PT-2020-10775 · Upx Team +1 · Upx +1

Name of the Vulnerable Software and Affected Versions: UPX versions prior to 3.96 Description: The issue arises from an integer overflow in the p_lx_elf.cpp file during the unpacking process, specifically when encountering crafted values in a PT_DYNAMIC segment. Recommendations: For versions prio...

7.8 CVSS · 6.9 AI score · 0.00473 EPSS
Exploits 29 · References 75
CNVD
added 2020/05/06 12:0 a.m. · 1 views

Logic Flaw Vulnerability in CPP-Ethereum JSON-RPC

CPP-Ethereum is a C++ client for Ethereum Application Programming Platform. JSON-RPC is one of the remote invocation services using JSON as the protocol. A security vulnerability exists in the miner_start API for JSON-RPC in CPP-Ethereum commit version 4e1015743b95821849d001618a7ce82c7c073768. An...

7 AI score
Exploits 0
RedHat Linux
added 2020/04/28 3:31 p.m. · 2 views

exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file...

6.5 CVSS · 5.9 AI score · 0.00389 EPSS
Exploits 1 · References 4
Hacker One
added 2020/04/17 5:8 p.m. · 85 views

GitHub Security Lab: CPP: Out of order Linux permission dropping without checking return codes

This bug was reported directly to GitHub Security Lab...

1.4 AI score
Exploits 0
OSV
added 2020/04/14 11:15 p.m. · 2 views

AZL-44928 CVE-2020-11760 affecting package OpenEXR 2.3.0-6

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp...

5.5 CVSS · 6.7 AI score · 0.00576 EPSS
Exploits 1 · References 1
Positive Technologies
added 2020/04/14 12:0 a.m. · 1 views

PT-2020-6214 · Openexr +7 · Openexr +7

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 2.4.1 Description: An issue in OpenEXR is related to an out-of-bounds write in the copyIntoFrameBuffer function in ImfMisc.cpp. This can potentially allow a remote attacker to cause a denial of service...

8.8 CVSS · 6.7 AI score · 0.02756 EPSS
Exploits 14 · References 149
CNVD
added 2020/04/13 12:0 a.m. · 1 views

cpp-httplib injection vulnerability

cpp-httplib is an HTTP/HTTPS server and client library written in C++. A security vulnerability exists in cpp-httplib version 0.5.8 and earlier, which stems from the program's failure to filter string-laden arguments passed to the 'set_redirect' and 'set_header' functions. The vulnerability can be...

7.5 CVSS · 6.9 AI score · 0.00401 EPSS
Exploits 1
OSV
added 2020/04/12 2:15 p.m. · 11 views

CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5 CVSS · 7 AI score
Exploits 0 · References 2
NVD
added 2020/04/12 2:15 p.m. · 9 views

CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5 CVSS · 8.2 AI score · 0.00401 EPSS
Exploits 1 · References 2
Prion
added 2020/04/12 2:15 p.m. · 15 views

Crlf injection

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

5 CVSS · 8.2 AI score · 0.00401 EPSS
Exploits 1 · References 2 · Affected Software 1
OSV
added 2020/04/12 2:15 p.m. · 0 views

UBUNTU-CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5 CVSS · 7.3 AI score · 0.00401 EPSS
Exploits 1 · References 4
UbuntuCve
added 2020/04/12 2:15 p.m. · 21 views

CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5 CVSS · 7.1 AI score · 0.00401 EPSS
Exploits 1 · References 3
CVE
added 2020/04/12 1:30 p.m. · 74 views

CVE-2020-11709

The CVE-2020-11709 issue affects the cpp-httplib library prior to 0.12.4, where CRLF injection is possible because input is not filtered when setting the Content-Type header in HTTP requests created by Patch, Post, Put, or Delete. The vulnerability arises in untrusted input used to influence head...

7.5 CVSS · 7.6 AI score · 0.00401 EPSS
Exploits 1 · References 2 · Affected Software 1
Debian CVE
added 2020/04/12 1:30 p.m. · 13 views

CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5 CVSS · 8 AI score · 0.00401 EPSS
Exploits 1
Cvelist
added 2020/04/12 1:30 p.m. · 16 views

CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

8.2 AI score · 0.00401 EPSS
Exploits 1 · References 2
Positive Technologies
added 2020/04/12 12:0 a.m. · 2 views

PT-2020-12796 · Cpp Httplib · Cpp-Httplib

Name of the Vulnerable Software and Affected Versions: cpp-httplib versions 0.5.8 and earlier Description: The issue arises from the lack of filtering for \r\n in parameters passed to the set_redirect and set_header functions, potentially leading to CRLF injection and HTTP response splitting in...

7.5 CVSS · 6.9 AI score · 0.00401 EPSS
Exploits 1 · References 13