11633 matches found
CVE-2025-32909
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniffmp4 function. The HTTP server may cause the libsoup client to crash...
AZL-60414 CVE-2025-32912 affecting package libsoup for versions less than 3.4.4-4
A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash...
CVE-2025-32909
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniffmp4 function. The HTTP server may cause the libsoup client to crash...
UBUNTU-CVE-2025-32909
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniffmp4 function. The HTTP server may cause the libsoup client to crash...
UBUNTU-CVE-2025-32912
A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash...
CVE-2025-32909 Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniffmp4 function. The HTTP server may cause the libsoup client to crash...
CVE-2025-32906
A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...
CVE-2025-32906 Libsoup: out of bounds reads in soup_headers_parse_request()
A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...
BIT-PHP-2025-1734 Streams HTTP wrapper does not fail for headers with invalid name and no colon
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...
Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2104 Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2259 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX D...
Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2098 Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability April 14, 2025 CVE Number CVE-2025-2260,None SUMMARY A denial of service vulnerability exists in the NetX HTTP server functionality of Eclipse ThreadX NetX Duo git commit 6c8e9d1. A...
Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2105 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2258 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX Du...
libsoup 缓冲区错误漏洞
libsoup is a GNOME HTTP client/server library from the GNOME Project. A buffer error vulnerability exists in libsoup, which stems from an out-of-bounds read in the function soupheadersparserequest, which could cause the HTTP server to crash...
QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
QuickResponseC2 is a stealthy Command and Control C2 framework that enables indirect and covert communication between the attacker and victim machines via an intermediate HTTP/S server. All network activity is limited to uploading and downloading images, making it an fully undetectable by IPS/IDS...
Advisory ROSA-SA-2025-2804
Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-65.rv30.3 CVE-ID: CVE-2023-31122 BDU-ID: 2023-07124 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modmacro module of the Apache HTTP Server web server involves reading beyond memory boundaries. Exploitation of th...
PT-2025-16035 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a Cross-Site Scripting XSS problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incident...
PT-2025-16033 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a denial of service. No further details are available about the estimated number of potentially affected devices or real-world incidents. Recommendations:...
PT-2025-16032 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross-Site Request Forgery in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or...
PT-2025-16105 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an XML External Entity XXE Injection. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents...
PT-2025-16107 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross Site Request Forgery in the Apache HTTP Server. No specific details about affected devices, real-world incidents, or technical exploitation details are...