Lucene search
K

243 matches found

OSV
OSV
added 2025/06/25 8:16 a.m.4 views

SUSE-SU-2025:20446-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed Heap buffer over-read in skipinsignificantspace when sniffing content bsc1240750 - CVE-2025-32050:Fixed Integer overflow in appendparamquoted bsc1240752 - CVE-2025-32051:Fixed Segmentation fault when parsing malformed data...

9CVSS6.1AI score0.00847EPSS
Exploits1References33
BDU FSTEC
BDU FSTEC
added 2025/06/20 12:0 a.m.5 views

The vulnerability of the soup_uri_decode_data_uri() function in the GNOME graphical interface library libsoup allows a attacker to cause a service failure.

The vulnerability of the soupuridecodedatauri function in the libsoup library, a GNOME graphical interface library, is related to insufficient checking of exceptional states. Exploiting this vulnerability could allow an attacker to cause a service failure by sending a specially crafted POST reque...

5.9CVSS6.2AI score0.00519EPSS
Exploits0References9Affected Software5
RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.5 views

CVE-2021-24559

The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...

5.4CVSS6.2AI score0.00218EPSS
Exploits2References1
SUSE Linux
SUSE Linux
added 2025/05/07 12:6 p.m.3 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI...

8.8CVSS7.6AI score0.00847EPSS
Exploits1References64
ATTACKERKB
ATTACKERKB
added 2025/04/03 2:15 p.m.5 views

CVE-2025-32051

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS6.2AI score0.00519EPSS
Exploits0References4
NVD
NVD
added 2025/04/03 2:15 p.m.9 views

CVE-2025-32051

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS0.00519EPSS
Exploits0References3
OSV
OSV
added 2025/04/03 2:15 p.m.5 views

AZL-59526 CVE-2025-32051 affecting package libsoup for versions less than 3.0.4-6

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS5.7AI score0.00519EPSS
Exploits0References1
OSV
OSV
added 2025/04/03 2:15 p.m.2 views

UBUNTU-CVE-2025-32051

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS6.2AI score0.00519EPSS
Exploits0References4
CVE
CVE
added 2025/04/03 1:36 p.m.103 views

CVE-2025-32051

Libsoup contains a vulnerability CVE-2025-32051 where soup_uri_decode_data_uri() may crash while processing malformed data URIs, leading to a DoS. Connected advisories (SUSE/SUSE-SU-2025 series, Mageia MGASA-2025-0261, and Diz/ Nessus references) confirm this CVE among multiple libsoup issues and...

5.9CVSS6.8AI score0.00519EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/03 1:36 p.m.24 views

CVE-2025-32051 Libsoup: segmentation fault when parsing malformed data uri

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS0.00519EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/03 1:36 p.m.14 views

CVE-2025-32051 Libsoup: segmentation fault when parsing malformed data uri

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS6.8AI score0.00519EPSS
Exploits0References3
OSV
OSV
added 2025/04/03 1:36 p.m.8 views

CVE-2025-32051 Libsoup: segmentation fault when parsing malformed data uri

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS6.2AI score0.00519EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/04/03 1:36 p.m.8 views

CVE-2025-32051

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...

5.9CVSS5.7AI score0.00519EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.8 views

PT-2024-40550 · Mozilla · Seamonkey

Name of the Vulnerable Software and Affected Versions: SeaMonkey versions prior to 2.53.19 Description: The issue is related to a security vulnerability in SeaMonkey. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where thi...

7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/21 12:0 a.m.2 views

PT-2025-14758

Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description A flaw was found in the libsoup soup uri decode data uri function, which may crash when processing malformed data URI, allowing an attacker to cause a denial of service DoS. Recommendations A...

7.4CVSS6.6AI score0.00714EPSS
Exploits0References87
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.31 views

Fedora 40 : rubygem-rails-html-sanitizer (2023-91e69ea326)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-91e69ea326 advisory. Automatic update for rubygem-rails-html-sanitizer-1.6.0-1.fc40. Changelog Thu Nov 23 2023 Vt Ondruch - 1.6.0-1 - Update to rails-html-sanitizer 1.6....

7.2CVSS6.7AI score0.0111EPSS
Exploits3References4
OSV
OSV
added 2024/01/16 4:15 p.m.5 views

CVE-2021-24559

The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...

5.4CVSS5.9AI score0.00218EPSS
Exploits2References1
CVE
CVE
added 2024/01/16 3:48 p.m.38 views

CVE-2021-24559

The CVE concerns the Qyrr WordPress plugin prior to version 0.7. The vulnerability stems from two issues: (1) the plugin does not escape the data-uri of the QR Code when outputting it in a src attribute, enabling Cross-Site Scripting, and (2) the data_uri_to_meta AJAX action lacks robust CSRF pro...

5.4CVSS5.4AI score0.00218EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/16 12:0 a.m.16 views

PT-2024-10890 · WordPress · Qyrr Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Qyrr WordPress plugin versions prior to 0.7 Description: The issue allows for Cross-Site Scripting attacks due to the failure to escape the data-uri of the QR Code when outputting it in a src attribute. Additionally, the data uri to meta AJAX...

5.4CVSS5.4AI score0.00218EPSS
Exploits2References4
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.4 views

WordPress plugin Qyrr security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.4CVSS6AI score0.00218EPSS
Exploits2References2
Rows per page
Query Builder