Lucene search
K

10 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

Apache Thrift 路径遍历漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a path traversal vulnerability. This vulnerability was caused by source validation errors, path traversal, improper handling of...

7.3CVSS5.8AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2026/04/29 8:50 a.m.9 views

BIT-THRIFT-2026-41607 Apache Thrift: C++ JSON OOB read

Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

9.1CVSS5.3AI score0.00967EPSS
Exploits0References3
NVD
NVD
added 2026/04/28 10:16 a.m.8 views

CVE-2026-41605

Integer Overflow or Wraparound vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

7.7CVSS0.00967EPSS
Exploits0References11
NVD
NVD
added 2026/04/28 10:16 a.m.9 views

CVE-2026-41606

Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

7.5CVSS0.01144EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.10 views

Apache Thrift 缓冲区错误漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a buffer error vulnerability, which was caused by an out-of-bounds read issue...

8.2CVSS6AI score0.00954EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.13 views

Apache Thrift 安全漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability caused by uncontrolled recursion...

5.3CVSS5.8AI score0.01144EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-32116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. From 0.21.0 to before 0.23.0, receiving a file...

8.2CVSS5.8AI score0.0035EPSS
Exploits0References2
OSV
OSV
added 2025/07/10 8:15 p.m.1 views

DEBIAN-CVE-2025-53629

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using Transfer-Encoding: chunked in the header can allocate memory arbitrarily in the server, potentially leading to its exhaustion. This vulnerability is fixed in 0.23.0. NOTE: Th...

7.5CVSS5.2AI score0.00505EPSS
Exploits1References1
Prion
Prion
added 2020/12/31 10:15 a.m.17 views

Double free

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because sessions.rs has a use-after-free...

7.5CVSS9.6AI score0.0173EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.7 views

Rust Formatting String Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rusqlite crate before 0.23.0, which stems from rusqlite::trace::log incorrectly handling format strings, and thus may violate memory safety...

9.8CVSS5.8AI score0.01715EPSS
Exploits0References3
Rows per page
Query Builder