Lucene search
K

140 matches found

Positive Technologies
Positive Technologies
added 2024/09/15 12:0 a.m.4 views

PT-2024-40574 · Poco · Poco

Name of the Vulnerable Software and Affected Versions: Poco affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Poco::Dynamic::Var destructor and is associated with the Poco::JSON::Object::doStringify...

6.8AI score
Exploits0References2
HackRead
HackRead
added 2024/07/15 2:56 p.m.14 views

New Data-Stealing Poco RAT Campaign Targeting Spanish Speakers

New Poco RAT Malware Targets Spanish Speakers Through Emails! Disguised as financial documents, Poco RAT steals your info…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/11 10:12 a.m.17 views

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan RAT called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense...

6.7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2024/02/04 8:15 p.m.57 views

CVE-2023-52426

libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time...

5.5CVSS6.8AI score0.00373EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/02/04 8:15 p.m.86 views

CVE-2023-52425

libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed...

7.5CVSS6.9AI score0.01815EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2024/01/30 2:38 a.m.3 views

SUSE CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS7.2AI score0.00851EPSS
Exploits0References3
Snyk
Snyk
added 2024/01/27 3:44 a.m.1 views

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow in the UTF32Encoding::convert and UTF32Encoding::queryConvert methods. Remediation Upgrade poco to version 1.11.0 or higher. References - GitHub Commit - GitHub Commit - GitHub Diff - GitHub Issue -...

9.8CVSS7AI score0.00851EPSS
Exploits0References2
NVD
NVD
added 2024/01/27 3:15 a.m.22 views

CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS9.6AI score0.00851EPSS
Exploits0References4
OSV
OSV
added 2024/01/27 3:15 a.m.1 views

DEBIAN-CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS6.5AI score0.00851EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/01/27 3:15 a.m.20 views

CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS7.4AI score0.00851EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/01/27 3:15 a.m.43 views

CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS6.9AI score0.00851EPSS
Exploits0References5
Prion
Prion
added 2024/01/27 3:15 a.m.13 views

Integer overflow

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

7.5CVSS7.5AI score0.00851EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/27 3:15 a.m.2 views

UBUNTU-CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS7.5AI score0.00851EPSS
Exploits0References6
CVE
CVE
added 2024/01/27 12:0 a.m.59 views

CVE-2023-52389

CVE-2023-52389 affects POCO’s UTF32Encoding implementation. The vulnerability arises from an integer overflow in Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert(), which may return a negative value for certain UTF-32 byte sequences (>= 0x80000000), leading to a stack buffer overfl...

9.8CVSS9.4AI score0.00851EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/01/27 12:0 a.m.21 views

CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8AI score0.00851EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/27 12:0 a.m.3 views

POCO Security Breach

POCO is POCO open source a cross-platform C++ library . It is used to build web and internet based applications that run on desktop, server, mobile, IoT and embedded systems. A security vulnerability exists in POCO that stems from the presence of an integer overflow issue that results in a stack...

9.8CVSS9.1AI score0.00851EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/01/27 12:0 a.m.4 views

CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.5AI score0.00851EPSS
Exploits0References3
OSV
OSV
added 2024/01/27 12:0 a.m.23 views

CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS7.2AI score0.00851EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/01/27 12:0 a.m.16 views

CVE-2023-52389

UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...

9.8CVSS9.1AI score0.00851EPSS
Exploits0
Veracode
Veracode
added 2023/03/01 10:14 a.m.64 views

Deserialization Of Untrusted Object

litedb is vulnerable to Deserialization Of Untrusted Objects. The vulnerability is caused by differing types in JSON documents, when a JSON document contains BsonDocument types, the library converts them to POCO. If an attacker can send a plain JSON string, they can inject and execute arbitrary...

9.8CVSS9.3AI score0.00699EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder