16 matches found

OSV
added 2025/10/30 1:31 p.m. | 1 view

SUSE-SU-2025:20965-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-11021: Ignore invalid date when processing cookies to prevent out-of-bounds read bsc1250562...

CVSS 7.5 | AI score 5.8 | EPSS 0.00082
Exploits: 0 | References: 3

SUSE Linux
added 2025/10/23 10:26 a.m. | 4 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read bsc1250562. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 8.2 | AI score 6.9 | EPSS 0.00082
Exploits: 0 | References: 4

OSV
added 2025/10/23 10:26 a.m. | 1 view

SUSE-SU-2025:3752-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read bsc1250562...

CVSS 7.5 | AI score 6.9 | EPSS 0.00082
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2021-7822

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 4.2 | EPSS 0.0031
Exploits: 0 | References: 2

CNVD
added 2021/02/20 12:0 a.m. | 6 views

IBM Security Verify Information Queue Denial of Service Vulnerability

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. A denial of service vulnerability exists in IBM Security Verify Information Queue. The vulnerability stems from an...

CVSS 5.3 | AI score 6.5 | EPSS 0.0031
Exploits: 0 | References: 1

OSV
added 2021/02/11 5:15 p.m. | 0 views

CVE-2021-20404

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins. IBM X-Force ID: 196078...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 2

Prion
added 2021/02/11 5:15 p.m. | 12 views

Design/Logic Flaw

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins. IBM X-Force ID: 196078...

CVSS 5 | AI score 5.1 | EPSS 0.0031
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2021/02/11 4:30 p.m. | 12 views

CVE-2021-20404

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins. IBM X-Force ID: 196078...

CVSS 2.6 | AI score 5.3 | EPSS 0.0031
Exploits: 0 | References: 2

IBM Security Bulletins
added 2021/02/10 5:50 p.m. | 15 views

Security Bulletin: IBM Security Verify Information Queue does not sufficiently protect its session cookies (CVE-2021-20404)

Summary: IBM Security Verify Information Queue (ISIQ) does not sufficiently protect its session cookies from malicious modification. Consequently, a denial-of-service attack could cause ISIQ logins to fail with an invalid token. As of v10.0.0, ISIQ has strengthened the safeguards of session cookies...

CVSS 5.3 | AI score 0.5 | EPSS 0.0031
Exploits: 0 | Affected Software: 1

CNNVD
added 2021/02/10 12:0 a.m. | 5 views

IBM Security Verify Information Queue Security Vulnerability

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. A denial of service vulnerability exists in IBM Security Verify Information Queue. The vulnerability stems from an...

CVSS 5.3 | AI score 5.8 | EPSS 0.0031
Exploits: 0 | References: 4

OSV
added 2019/03/26 6:29 p.m. | 1 view

DEBIAN-CVE-2019-3804

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

CVSS 7.5 | AI score 6.8 | EPSS 0.04307
Exploits: 0 | References: 1

RedHat Linux
added 2019/03/13 1:8 p.m. | 1 view

cockpit: Crash when parsing invalid base64 headers

It was found that cockpit used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

CVSS 7.5 | AI score 5.7 | EPSS 0.04307
Exploits: 0 | References: 5

OSV
added 2018/06/04 7:29 p.m. | 11 views

CVE-2017-16025

Nes is a websocket extension library for hapi. Hapi is a webserver framework. Versions below and including 6.4.0 have a denial of service vulnerability via an invalid Cookie header. This is only present when websocket authentication is set to cookie. Submitting an invalid cookie on the websocket...

CVSS 5.9 | AI score 6.1
Exploits: 0 | References: 3

OSV
added 2017/07/11 8:29 p.m. | 2 views

DEBIAN-CVE-2017-11171

Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie). Each failed authentication...

CVSS 5.5 | AI score 6.7 | EPSS 0.00156
Exploits: 0 | References: 1

Tenable Nessus
added 2004/03/31 12:0 a.m. | 17 views

Kame Racoon Invalid Cookie Handling Remote DoS

The remote system appears to have a problem with processing requests with invalid cookie values. At least one VPN product (racoon) demonstrates this flaw. Racoon is integrated with: FreeBSD 4.0 and beyond, OpenBSD 2.7 and beyond, NetBSD 1.5 and beyond, BSD/OS 4.2 and beyond. However, the bug has only...

AI score 5.6
Exploits: 0

Cvelist
added 2002/06/11 4:0 a.m. | 14 views

CVE-2002-0523

ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie...

AI score 6.7 | EPSS 0.01951
Exploits: 1 | References: 5