Halcy0Nic

**Name of the Vulnerable Software and Affected Versions** Lotos WebServer versions through 0.1.1 **Description** The issue is related to a use-after-free in the `buffer avail()` function at `buffer.h`, which occurs when handling a long URI. This is due to the mishandling of `realloc`. **Recommendations** For versions through 0.1.1, consider restricting access to long URIs until a patch is available. As a temporary workaround, consider disabling the `buffer avail()` function until a fix is provided.

**Name of the Vulnerable Software and Affected Versions** cherry versions through 4b877df **Description** The issue is related to a stack-based buffer overflow in the `handle request` function in `http.c` due to the use of `sscanf` with a long URI, which can lead to remote code execution. **Recommendations** For versions through 4b877df, as a temporary workaround, consider restricting access to the `handle request` function in `http.c` until a patch is available. Avoid using long URIs in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Pico HTTP Server in C through f3b69a6 **Description** The issue is related to a stack-based buffer overflow in the route function within main.c, caused by a long URI. This can lead to remote code execution. **Recommendations** For Pico HTTP Server in C through f3b69a6, as a temporary workaround, consider restricting access to long URIs until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ehttp version 1.0.6 before 17405b9 **Description** The issue is related to an out-of-bounds read in the `simple log.cpp` file during error logging for long strings. **Recommendations** For ehttp version 1.0.6 before 17405b9, consider updating to a version that includes the fix for the out-of-bounds read issue in the `simple log.cpp` file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ehttp version 1.0.6 before 17405b9 **Description** The issue is related to a use-after-free in the `epoll socket.cpp` `read func`. An attacker can trigger this by making many connections over a short time. **Recommendations** For ehttp version 1.0.6 before 17405b9, consider updating to a version after 17405b9 to resolve the issue. As a temporary workaround, consider restricting the number of connections allowed over a short time to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MicroHttpServer versions through 4398570 **Description** The issue allows a stack-based buffer overflow and potentially remote code execution via a long URI. This is due to the ` ReadStaticFiles` function in `lib/middleware.c`. **Recommendations** For versions through 4398570, consider restricting access to the ` ReadStaticFiles` function in `lib/middleware.c` to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Liblisp through commit 4c65969 **Description** A use-after-free issue was found in the `hash destroy` function, located in `hash.c`. **Recommendations** For versions through commit 4c65969, consider applying a patch that fixes the `hash destroy` function to prevent use-after-free errors.

**Name of the Vulnerable Software and Affected Versions** Liblisp versions through commit 4c65969 **Description** The issue is related to an out-of-bounds-read vulnerability in the `get length` function, which is located in the `eval.c` file and operates on `lisp cell t` objects. This vulnerability can be exploited due to the lack of proper bounds checking in the `get length` function. **Recommendations** For versions through commit 4c65969, consider applying a patch or modification to the `get length` function to include proper bounds checking to prevent out-of-bounds reads. As a temporary workaround, consider implementing additional validation or error handling for the `lisp cell t` objects passed to the `get length` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Boron version 2.0.8 **Description** The issue is a heap-based buffer overflow in the `ur strInitUtf8` function at `string.c`. This is a general information about the problem, but specific details such as the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited are not provided. **Recommendations** For Boron version 2.0.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** async-sockets-cpp versions 0.3.1 and earlier **Description** The issue is a stack-based buffer overflow in the `ReceiveFrom` and `Receive` functions in `udpsocket.hpp` when processing malformed UDP packets. This occurs in the `async-sockets-cpp` library. **Recommendations** For versions 0.3.1 and earlier, consider disabling the `ReceiveFrom` and `Receive` functions in `udpsocket.hpp` until a patch is available to prevent exploitation of the stack-based buffer overflow. Restrict access to the `udpsocket.hpp` module to minimize the risk of exploitation. Avoid using the `async-sockets-cpp` library with untrusted UDP packets until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Boron version 2.0.8 **Description** The issue is a heap-based buffer overflow in the `ur parseBlockI` function at `i parse blk.c`. This overflow can occur in the `libboron` component of Boron. **Recommendations** For Boron version 2.0.8, consider disabling the `ur parseBlockI` function as a temporary workaround until a patch is available. Restrict access to the `libboron` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** async-sockets-cpp versions 0.3.1 and earlier **Description** The issue is a stack-based buffer overflow in the tcpsocket.hpp file when processing malformed TCP packets. This occurs due to improper handling of packet data, leading to a potential overflow. **Recommendations** For versions 0.3.1 and earlier, consider restricting access to the `tcpsocket.hpp` file until a patch is available. As a temporary workaround, avoid using the `async-sockets-cpp` library with untrusted or potentially malicious TCP packet sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xHTTP version 72f812d **Description** The issue is related to a double free in the `close connection` function in `xhttp.c`, which can be triggered by a malformed HTTP request method. **Recommendations** For xHTTP version 72f812d, consider restricting access to the `close connection` function until a patch is available. As a temporary workaround, avoid using malformed HTTP request methods to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PicoC version 3.2.2 **Description** A heap buffer overflow was discovered in the LexSkipComment function in lex.c when called from LexScanGetToken, which can lead to a potential issue. **Recommendations** For PicoC version 3.2.2, consider disabling the `LexSkipComment` function as a temporary workaround until a patch is available. Restrict access to the `lex.c` file to minimize the risk of exploitation. Avoid using the `LexScanGetToken` function in conjunction with `LexSkipComment` until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** N-Prolog version 1.91 **Description** A global buffer overflow issue was found in the gettoken() function at Main.c. **Recommendations** For N-Prolog version 1.91, consider disabling the gettoken() function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** html2xhtml version 1.3 **Description** The issue is related to an Out-Of-Bounds read in the `elm close()` function at `procesador.c`. This allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file. **Recommendations** For html2xhtml version 1.3, consider disabling the `elm close()` function as a temporary workaround until a patch is available. Restrict access to sensitive files to minimize the risk of exploitation. Avoid using crafted html files that could trigger the Out-Of-Bounds read in the `elm close()` function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** PicoC version 3.2.2 **Description** A heap buffer overflow was discovered in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator, which can be exploited. **Recommendations** For PicoC version 3.2.2, consider disabling the ExpressionCoerceInteger function as a temporary workaround until a patch is available. Restrict access to the ExpressionInfixOperator function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PicoC version 3.2.2 **Description** A heap buffer overflow was discovered in the ExpressionCoerceUnsignedInteger function in expression.c when called from ExpressionParseFunctionCall. **Recommendations** For PicoC version 3.2.2, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PicoC version 3.2.2 **Description** A heap buffer overflow was discovered in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall, which is located in the PicoC programming language. **Recommendations** For PicoC version 3.2.2, consider avoiding the use of the StringStrncpy function until a patch is available. As a temporary workaround, restrict the use of the ExpressionParseFunctionCall to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PicoC version 3.2.2 **Description** A heap buffer overflow was discovered in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall, which can lead to a potential issue. **Recommendations** For PicoC version 3.2.2, consider restricting access to the ExpressionAssign function until a patch is available. As a temporary workaround, avoid using the ExpressionParseFunctionCall function to call ExpressionAssign until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.