1025 matches found
Injection Vulnerability
cpp-httplib does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...
GitHub Security Lab: CPP: Out of order Linux permission dropping without checking return codes
This bug was reported directly to GitHub Security Lab...
ICU: Integer overflow in UnicodeString::doAppend()
An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...
CVE-2019-6285
The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2019-6292
An issue was discovered in singledocparser.cpp in yaml-cpp aka LibYaml-C++ 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote...
Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2018-1331)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-0007
In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
CVE-2018-20573
The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
Security Bulletin: Multiple vulenerabilities CVE-2019-0205, CVE-2019-0210 in thrift package
Summary Multiple vulenerabilities CVE-2019-0205, CVE-2019-0210 in thrift package Vulnerability Details CVEID: CVE-2019-0205 DESCRIPTION: In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue...
CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
UBUNTU-CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
CVE-2014-0212
CVE-2014-0212 concerns qpid-cpp: ACL policies are only loaded when the acl-file option is specified, which can enable a Denial of Service by exhausting all available file descriptors. The connected documents confirm the root cause is loading/processing ACL policies contingent on a missing/omitted...
CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
Code injection
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
CVE-2009-5004
CVE-2009-5004 : In qpid-cpp 1.0, a crash occurs when a large message is sent while the Digest-MD5 mechanism with a security layer is in use. This is the only concrete detail available in the provided docs; no exploitation, mitigation, or affected version ranges are specified beyond this descripti...
ALEA-2019:3472 libpmemobj-cpp bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...