GStreamer: GStreamer: Arbitrary code execution via ASF file processing

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

SUSE-SU-2026:0690-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-32049: denial of Service attack to websocket server bsc1240751. - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. - CVE-2026-2443: out-of-bounds read when processing specially...

The vulnerability of the read_headers() function in the cpp-httplib library allows a hacker to cause a service failure.

The vulnerability of the readheaders function in the cpp-httplib library is related to an uncontrolled resource consumption during the processing of headers. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVE-2023-25725

A flaw was found in HAProxy's headers processing that causes HAProxy to drop important headers fields such as Connection, Content-length, Transfer-Encoding, and Host after having partially processed them. A maliciously crafted HTTP request could be used in an HTTP request smuggling attack to bypa...

CVE-2020-13984

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in exthdroptionsprocess in net/ipv6/uip6.c...

Vulnerabilities of Microsoft Edge and Internet Explorer browsers, which allow attackers to bypass the protection mechanisms against cross-site scripting attacks

The vulnerabilities of Microsoft Edge and Internet Explorer are caused by errors in the processing of HTTP response headers. Exploiting these vulnerabilities allows a malicious actor to bypass the protection mechanisms against cross-site scripting attacks...