140 matches found
PT-2024-40574 · Poco · Poco
Name of the Vulnerable Software and Affected Versions: Poco affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Poco::Dynamic::Var destructor and is associated with the Poco::JSON::Object::doStringify...
New Data-Stealing Poco RAT Campaign Targeting Spanish Speakers
New Poco RAT Malware Targets Spanish Speakers Through Emails! Disguised as financial documents, Poco RAT steals your info…...
New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign
Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan RAT called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense...
CVE-2023-52426
libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time...
CVE-2023-52425
libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed...
SUSE CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
Integer Overflow to Buffer Overflow
Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow in the UTF32Encoding::convert and UTF32Encoding::queryConvert methods. Remediation Upgrade poco to version 1.11.0 or higher. References - GitHub Commit - GitHub Commit - GitHub Diff - GitHub Issue -...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
DEBIAN-CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
Integer overflow
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
UBUNTU-CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
CVE-2023-52389
CVE-2023-52389 affects POCO’s UTF32Encoding implementation. The vulnerability arises from an integer overflow in Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert(), which may return a negative value for certain UTF-32 byte sequences (>= 0x80000000), leading to a stack buffer overfl...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
POCO Security Breach
POCO is POCO open source a cross-platform C++ library . It is used to build web and internet based applications that run on desktop, server, mobile, IoT and embedded systems. A security vulnerability exists in POCO that stems from the presence of an integer overflow issue that results in a stack...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
Deserialization Of Untrusted Object
litedb is vulnerable to Deserialization Of Untrusted Objects. The vulnerability is caused by differing types in JSON documents, when a JSON document contains BsonDocument types, the library converts them to POCO. If an attacker can send a plain JSON string, they can inject and execute arbitrary...