48 matches found

OSV
added 2026/06/12 12:25 p.m., 9 views

OESA-2026-2616 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. A remote attacker could exploit an unsigned to...

4.8 CVSS, 5.4 AI score, 0.00872 EPSS
Exploits 0, References 2
OSV
added 2026/06/12 12:25 p.m., 7 views

OESA-2026-2615 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. A remote attacker could exploit an unsigned to...

4.8 CVSS, 5.4 AI score, 0.00872 EPSS
Exploits 0, References 2
Circl
added 2026/05/29 9:44 a.m., 8 views

CVE-2026-6324

| creation_timestamp | type | source |
|---|---|---|
| 2026-05-29 09:44:05+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmyarricgp2a |
| 2026-06-05 13:08:09+00:00 | published-proof-of-concept | https://t.me/bdufstecru/3219... |

4.8 CVSS, 5.3 AI score, 0.00872 EPSS
Exploits 0, References 2
OSV
added 2026/05/29 7:16 a.m., 6 views

DEBIAN-CVE-2026-6324

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soup_body_input_stream_read_chunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8 CVSS, 5.8 AI score, 0.00872 EPSS
Exploits 0, References 1
Cvelist
added 2026/05/29 5:24 a.m., 38 views

CVE-2026-6324 Libsoup: libsoup: http request smuggling via unsigned to signed conversion error

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soup_body_input_stream_read_chunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8 CVSS, 0.00872 EPSS
Exploits 0, References 3
Circl
added 2025/12/18 9:38 a.m., 1 view

CVE-2025-6324

| creation_timestamp | type | source |
|---|---|---|
| 2025-12-18 09:38:12+00:00 | seen | https://gist.github.com/Darkcrai86/b2e31d3077b06b46861546ce9c4ac856 |
| 2025-12-18 09:59:52+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3maaw4tgmgc2x... |

7.1 CVSS, 4.8 AI score, 0.00149 EPSS
Exploits 0, References 2
NVD
added 2025/12/18 8:16 a.m., 4 views

CVE-2025-6324

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS. This issue affects Easy Invoice: from n/a through = 2.0.9...

7.1 CVSS, 0.00149 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 4:45 p.m., 8 views

CVE-2020-6324

SAP Netweaver AS ABAP (BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the victim clicks on this URL, the attacker can read, modify the information available in the victim's brows...

6.1 CVSS, 6.7 AI score, 0.00895 EPSS
Exploits 0, References 1
NVD
added 2025/01/09 6:15 a.m., 11 views

CVE-2024-6324

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

4.3 CVSS, 0.00692 EPSS
Exploits 1, References 3
Cvelist
added 2025/01/09 6:02 a.m., 14 views

CVE-2024-6324 Inefficient Algorithmic Complexity in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

4.3 CVSS, 0.00692 EPSS
Exploits 1, References 3
CVE
added 2025/01/09 6:02 a.m., 379 views

CVE-2024-6324

GitLab CE/EE is affected by CVE-2024-6324 across all versions: 15.7 up to 17.5.5, 17.6 up to 17.6.3, and 17.7 up to 17.7.1. The issue allows DoS by triggering cyclic references between epics, leading to resource exhaustion. The connected OSV/NVD entries confirm the DoS impact and indicate a patch...

4.3 CVSS, 4.3 AI score, 0.00692 EPSS
Exploits 1, References 3, Affected Software 1
Debian CVE
added 2025/01/09 6:02 a.m., 15 views

CVE-2024-6324

Removed by vendor...

4.3 CVSS, 5.8 AI score, 0.00692 EPSS
Exploits 1
Tenable Nessus
added 2025/01/09 12:00 a.m., 13 views

GitLab 15.7 < 17.5.5 / 17.6 < 17.6.3 / 17.7 < 17.7.1 (CVE-2024-6324)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Inefficient Algorithmic Complexity in GitLab CVE-2024-6324 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

4.3 CVSS, 5.5 AI score, 0.00692 EPSS
Exploits 1, References 5
Circl
added 2025/01/08 4:11 p.m., 10 views

CVE-2024-6324

| creation_timestamp | type | source |
|---|---|---|
| 2025-01-08 16:11:36+00:00 | seen | https://infosec.exchange/users/screaminggoat/statuses/113793610252558322 |
| 2025-01-09 06:14:45+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/890 |
| 2025-01-09 06:16:00+00:00 | seen | ... |

4.3 CVSS, 4.8 AI score, 0.00692 EPSS
Exploits 1, References 6
Circl
added 2024/05/17 3:10 p.m., 5 views

CVE-2023-6324

| creation_timestamp | type | source |
|---|---|---|
| 2024-05-17 15:10:05+00:00 | published-proof-of-concept | https://t.me/truesecator/5748... |

8.8 CVSS, 5.1 AI score, 0.00712 EPSS
Exploits 1, References 1
NVD
added 2024/05/15 1:15 p.m., 20 views

CVE-2023-6324

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...

8.8 CVSS, 8.1 AI score, 0.00712 EPSS
Exploits 1, References 1
Cvelist
added 2024/05/15 12:09 p.m., 27 views

CVE-2023-6324 ThroughTek Kalay SDK error in handling the PSK identity

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...

8.1 CVSS, 8.2 AI score, 0.00712 EPSS
Exploits 1, References 1
Vulnrichment
added 2024/05/15 12:09 p.m., 11 views

CVE-2023-6324 ThroughTek Kalay SDK error in handling the PSK identity

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...

8.1 CVSS, 6.9 AI score, 0.00712 EPSS
Exploits 1, References 1
Circl
added 2024/01/04 8:41 a.m., 3 views

GHSA-6324-52PR-H4P5

| creation_timestamp | type | source |
|---|---|---|
| 2024-01-04 08:41:39+00:00 | seen | https://t.me/ctinow/162840... |

4.8 AI score
Exploits 0, References 1
Tenable Nessus
added 2023/11/16 12:00 a.m., 52 views

Oracle Linux 9 : python3.11-pip (ELSA-2023-6324)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6324 advisory. - Use tarfile.data_filter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218247 Tenable has extracted the preceding description block directly fro...

9.8 CVSS, 7.6 AI score, 0.27095 EPSS
Exploits 3, References 2