SUSE CVE-2019-25355

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal...

CVE-2019-25355

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal...

EUVD-2024-23564

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-13578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial o...

CVE-2024-26293

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

CVE-2024-26293

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

CVE-2024-26293

CVE-2024-26293 affects Avid NEXIS products via a vulnerable gSOAP v2.8 instance, enabling Unauthenticated Path Traversal. Impacted are Avid NEXIS E-series, F-series, PRO+ and System Director Appliance (SDA+) versions prior to 2025.5.1. Descriptions across NVD/Red Hat/CVELIST and related sources c...

CVE-2024-26293 Unauthenticated Path Traversal affecting Avid NEXIS

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

CVE-2024-26293 Unauthenticated Path Traversal affecting Avid NEXIS

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

DEBIAN-CVE-2024-4227

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

CVE-2024-4227 gSOAP: Vulnerable to specially crafted unencrypted SDC messages

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

CVE-2024-4227 gSOAP: Vulnerable to specially crafted unencrypted SDC messages

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

CVE-2024-4227

CVE-2024-4227 affects Genivia gSOAP. A specific configuration allows an unauthenticated remote attacker to cause high CPU load by forcing the XML parser to process duplicate ID attributes, leading to a DoS. The vulnerability is tied to the gSOAP XML parsing behavior; impact is denial of service w...

PT-2025-2635 · Genivia · Gsoap

Name of the Vulnerable Software and Affected Versions: Genivia gSOAP affected versions not specified Description: The issue allows an unauthenticated remote attacker to generate a high CPU load by forcing the system to parse an XML with duplicate ID attributes, potentially leading to a Denial of...

SUSE CVE-2020-13576

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

The vulnerability of the WS-Addressing plugin in the gSOAP software development environment allows a attacker to trigger a service failure.

The vulnerability of the WS-Addressing plugin in the gSOAP software development environment is related to errors in pointer manipulation during SOAP request processing. Exploiting this vulnerability allows an attacker to cause service failures by sending specially crafted HTTP requests...

The vulnerability of the WS-Security plugin in the gSOAP software development environment allows a attacker to cause a service failure.

The vulnerability of the WS-Security plugin in the gSOAP software development environment is related to errors in pointer assignment during SOAP request processing. Exploiting this vulnerability allows an attacker to cause service failures by sending specially crafted HTTP requests...

Remote Code Execution (RCE)

gsoap is vulnerable to remote code execution. An attacker can send a malicious SOAP HTTP that can lead to a remote code execution...

DEBIAN-CVE-2021-21783

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

Genivia gSOAP WS-Addressing plugin functionality remote code execution vulnerability

Genivia gSOAP is a C/C++ software development kit with automatic coding capabilities. A security vulnerability exists in the Genivia gSOAP WS-Addressing plugin functionality, which can be exploited by an attacker to achieve remote code execution by sending a specially crafted SOAP request...