6 matches found
CVE-2026-12043 Heap double-free in AWS Common Runtime aws-c-http
Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...
PT-2026-48949
Name of the Vulnerable Software and Affected Versions aws-c-http versions prior to 0.11.0 Description Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library allows a remote threat actor operating a server to cause memory corruption on a connecting clien...
EUVD-2024-2363
Malicious code in bioql PyPI...
PT-2024-26376
Name of the Vulnerable Software and Affected Versions TorchServe versions prior to 0.11.0 Description The issue arises from the two gRPC ports 7070 and 7071 not being bound to localhost by default, causing them to be bound to all interfaces when TorchServe is launched. Customers using PyTorch...
Denial of Service (DoS)
Overview opcua is an OPC UA server / client API implementation for Rust. Affected versions of this package are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message siz...
Insertion of Sensitive Information into Log File
Overview com.gradle.plugin-publish:com.gradle.plugin-publish.gradle.plugin is a plugin that publishes plugins to the Gradle Plugin Portal. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. When a plugin author publishes a Gradle plugin while...