RockyLinux 10 : libsoup3 (RLSA-2026:0423)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0423 advisory. libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 Tenable has extracted the preceding...

RLSA-2026:0421 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

libsoup security update

An update is available for libsoup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsoup packages provide an HTTP client and server library for GNOME...

MiracleLinux 8 : libsoup-2.62.3-11.el8_10 (AXSA:2026-026:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-026:01 advisory. libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 Tenable has extracted the preceding...

ALSA-2026:0422 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

ALSA-2026:0423 Important: libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

CVE-2018-10949

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors...

CVE-2021-33149

Observable behavioral discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

CVE-2021-0001

Observable timing discrepancy in IntelR IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access...

CVE-2024-34024

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not...

CVE-2023-49069

A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...

CVE-2022-31111

Frontier is Substrate's Ethereum compatibility layer. In affected versions the truncation done when converting between EVM balance type and Substrate balance type was incorrectly implemented. This leads to possible discrepancy between appeared EVM transfer value and actual Substrate value...

CVE-2025-61546

There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...

edu Business Solutions Print Shop Pro WebDesk 安全漏洞

edu Business Solutions Print Shop Pro WebDesk is a print order management system from US-based edu Business Solutions. A security vulnerability exists in edu Business Solutions Print Shop Pro WebDesk version 18.34, which stems from insufficient validation of client-side inputs and could lead to a...

CVE-2019-16761

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions 1.0....

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...