SUSE-SU-2026:20989-1 Security update for kea

This update for kea fixes the following issues: Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message bsc1260380. Changelog: A large number of bracket pairs in a JSON payload directed to any endpoint would...

EUVD-2018-4863

Malware in sbrugna...

EUVD-2016-1382

Malware in sbrugna...

CLSA-2025-1739388106 libevent: Fix of 3 CVEs

CVE-2016-10195: fix an out-of-bounds stack read in the nameparse function - CVE-2016-10196: fix a stack-based buffer overflow in the evutilparsesockaddrport function - CVE-2016-10197: fix DoS via an empty hostname in the searchmakenew function...

K10027302: Libsoup vulnerability CVE-2018-12910

Security Advisory Description The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. CVE-2018-12910 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

SUSE CVE-2016-10197

The searchmakenew function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service out-of-bounds read via an empty hostname...

SUSE CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

EulerOS Virtualization for ARM 64 3.0.6.0 : libsoup (EulerOS-SA-2020-2047)

According to the versions of the libsoup package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A stack-based buffer overflow flaw was discovered within the HTTP processing of libsoup. A remote attacker could explo...

libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames

An out-of-bounds read has been discovered in libsoup when getting cookies from a URI with empty hostname. An attacker may use this flaw to cause a crash in the application...

GNOME libsoup Denial of Service Vulnerability

GNOME libsoup is an HTTP client/server library developed by the GNOME project. A security vulnerability exists in the soupcookiejargetcookies file in the soup-cookie-jar.c file in GNOME libsoup. An attacker can exploit this vulnerability to cause a denial of service with an empty hostname...

Design/Logic Flaw

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

DEBIAN-CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

UBUNTU-CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

libevent: Out-of-bounds read in search_make_new()

An out of bounds read vulnerability was found in libevent in the searchmakenew function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash...

libevent: Out-of-bounds read in search_make_new()

An out of bounds read vulnerability was found in libevent in the searchmakenew function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash...

libevent: Out-of-bounds read in search_make_new()

An out of bounds read vulnerability was found in libevent in the searchmakenew function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash...