TencentOS Server 4: rapidjson (TSSA-2024:0415)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0415 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: gstreamer1 (TSSA-2024:1102)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1102 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Security update for valkey

This update for valkey fixes the following issues: CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804 CVE-2025-49112: setDeferredReply integer underflow bsc1243913 CVE-2025-21605: Output buffer denial of service bsc1241708 Patch Instructions: To install this SUSE...

SUSE-SU-2025:01942-1 Security update for valkey

This update for valkey fixes the following issues: - CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804 - CVE-2025-49112: setDeferredReply integer underflow bsc1243913 - CVE-2025-21605: Output buffer denial of service bsc1241708...

Important: libsoup

Issue Overview: A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...

Important: libsoup

Issue Overview: A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...

Amazon Linux 2 : libsoup (ALAS-2025-2874)

The version of libsoup installed on the remote host is prior to 2.56.0-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2874 advisory. A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and othe...

SUSE-SU-2025:01864-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 - CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 - CVE-2025-32906: Fixed out of bounds reads in...

Important: libsoup3

Issue Overview: A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...

Important: libsoup

Issue Overview: A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...

Important: libsoup3

Issue Overview: A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...

VulnCheck KEV: CVE-2019-12255

Wind River VxWorks has a Buffer Overflow in the TCP component issue 1 of 4. This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow...

Important: libsoup

Issue Overview: A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...

CLSA-2025-1749478391 gstreamer1-plugins-good: Fix of CVE-2024-47596

CVE-2024-47596: fix integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads...

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

RHEL 8 : libsoup (RHSA-2025:8663)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8663 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in...

NewStart CGSL MAIN 7.02 : gstreamer1-plugins-good Multiple Vulnerabilities (NS-SA-2025-0076)

The remote NewStart CGSL host, running version MAIN 7.02, has gstreamer1-plugins-good packages installed that are affected by multiple vulnerabilities: - GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4476: Fixed NULL pointer dereference may le...

RHEL 10 : libsoup3 (RHSA-2025:8128)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8128 advisory. Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup,...