26 matches found
Astra Linux - уязвимость в libsoup2.4
A flaw was discovered in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which could cause libsoup to allocate memory and lead to a denial of service DoS attack...
MiracleLinux 7 : libsoup-2.62.2-2.0.5.0.1.el7.AXS7 (AXSA:2025-11110:15)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11110:15 advisory. CVE-2025-4948: fix integer underflow in soupmultipartnewfrommessage CVE-2025-32049: fix Denial of Service attack to websocket server CVE-2025-32914...
EUVD-2024-0913
Malicious code in bioql PyPI...
EUVD-2025-29044
Malicious code in bioql PyPI...
CVE-2025-10318
A vulnerability was identified in JeecgBoot up to 3.8.2. Affected by this vulnerability is an unknown functionality of the file /api/system/sendWebSocketMsg of the component WebSocket Message Handler. The manipulation of the argument userIds leads to improper authorization. The attack can be...
CVE-2025-10318 JeecgBoot WebSocket Message sendWebSocketMsg improper authorization
A vulnerability was identified in JeecgBoot up to 3.8.2. Affected by this vulnerability is an unknown functionality of the file /api/system/sendWebSocketMsg of the component WebSocket Message Handler. The manipulation of the argument userIds leads to improper authorization. The attack can be...
CVE-2025-10318 JeecgBoot WebSocket Message sendWebSocketMsg improper authorization
A vulnerability was identified in JeecgBoot up to 3.8.2. Affected by this vulnerability is an unknown functionality of the file /api/system/sendWebSocketMsg of the component WebSocket Message Handler. The manipulation of the argument userIds leads to improper authorization. The attack can be...
JeecgBoot 授权问题漏洞
JeecgBoot is a Java low-code platform for enterprise web applications from China National Torch Jeecg. An authorization issue vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the parameter userIds in the file /api/system/sendWebSocketMsg in...
CVE-2024-55210
An issue in TOTVS Framework Linha Protheus 12.1.2310 allows attackers to bypass multi-factor authentication MFA via a crafted websocket message...
CVE-2024-55210
An issue in TOTVS Framework Linha Protheus 12.1.2310 allows attackers to bypass multi-factor authentication MFA via a crafted websocket message...
CVE-2024-55210
An issue in TOTVS Framework Linha Protheus 12.1.2310 allows attackers to bypass multi-factor authentication MFA via a crafted websocket message...
CVE-2024-55210
CVE-2024-55210 affects TOTVS Framework (Linha Protheus) version 12.1.2310. A crafted websocket message can bypass multi-factor authentication, exposing potential unauthorized access to sensitive areas. Documents from PT Security explicitly tie the issue to version 12.1.2310 and recommend temporar...
CVE-2024-55210
An issue in TOTVS Framework Linha Protheus 12.1.2310 allows attackers to bypass multi-factor authentication MFA via a crafted websocket message...
CVE-2024-55210
An issue in TOTVS Framework Linha Protheus 12.1.2310 allows attackers to bypass multi-factor authentication MFA via a crafted websocket message...
TOTVS 安全漏洞
TOTVS is a complete human resource management solution from the Brazilian company TOTVS. A security vulnerability exists in TOTVS version 12.1.2310, which stems from vulnerability to a specially crafted websocket message bypassing multi-factor authentication attack...
SUSE CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
AZL-59539 CVE-2025-32049 affecting package libsoup for versions less than 3.0.4-12
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the SoupWebsocketConnection accepting a large WebSocket message, which may cause memory allocation issues leading to system unavailability. An attacker can disrupt service by...