Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2026/04/28 8:35 a.m.5 views

CVE-2026-41415

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit this vulnerability by sending a specially crafted Session Initiation Protocol SIP multipart message containing a malformed Content-ID URI. Insufficient length validation during parsing of this URI can...

9.1CVSS5.1AI score0.00308EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/24 6:38 p.m.6 views

CVE-2026-41415

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This...

8.8CVSS5.5AI score0.00308EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.7 views

PT-2026-35058

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.17 Description An out-of-bounds read occurs when parsing a malformed Content-ID URI in a SIP multipart message body. This is caused by insufficient length validation, which allows reads to extend beyond the intended...

8.8CVSS5.4AI score0.00308EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/06/20 12:0 a.m.6 views

The vulnerability of the soup_multipart_new_from_message() function in the libsoup library, a graphical interface library for GNOME, allows a attacker to cause a service failure.

The vulnerability of the soupmultipartnewfrommessage function in the GNOME graphical interface library libsoup is related to the possibility of integer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.3AI score0.00625EPSS
Exploits0References8Affected Software4
RedHat Linux
RedHat Linux
added 2025/06/17 12:8 p.m.5 views

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

7.5CVSS7.2AI score0.00625EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in libsoup3, libsoup2.4

A flaw was discovered in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read data beyond its intended range...

7.4CVSS7.1AI score0.00637EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/28 8:5 a.m.2 views

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

7.5CVSS7.2AI score0.00625EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/26 10:56 a.m.8 views

libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process

A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...

7.4CVSS7.3AI score0.00637EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/26 7:1 a.m.4 views

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

7.5CVSS7.2AI score0.00625EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/07 8:33 a.m.6 views

thunderbird: Information Disclosure of /tmp directory listing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...

6.3CVSS6.4AI score0.00295EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/04/17 4:7 p.m.6 views

CVE-2025-2830

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...

6.1CVSS6AI score0.00295EPSS
Exploits0References6
NVD
NVD
added 2025/04/15 3:16 p.m.9 views

CVE-2025-2830

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...

6.3CVSS0.00295EPSS
Exploits0References3
OSV
OSV
added 2025/04/15 3:16 p.m.7 views

CVE-2025-2830

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...

6.3CVSS6.4AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/15 3:6 p.m.7 views

CVE-2025-2830 Information Disclosure of /tmp directory listing

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...

6.4AI score0.00295EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/04/14 3:15 p.m.2 views

CVE-2025-32914

A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...

7.4CVSS7.1AI score0.00637EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/04/14 12:0 a.m.1 views

libsoup 缓冲区错误漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A buffer error vulnerability exists in libsoup, which stems from an out-of-bounds read in the function soupmultipartnewfrommessage, which could cause the server to read out of bounds...

7.4CVSS7.4AI score0.00637EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-3183

The HTBoundaryputblock function in HTBound.c for W3C libwww w3c-libwww allows remote servers to cause a denial of service segmentation fault via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read...

4.3CVSS6.8AI score0.02099EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.3 views

SUSE CVE-2006-6406

Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...

5CVSS6.9AI score0.03081EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.3 views

SUSE CVE-2007-0898

Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. dot dot in the id MIME header parameter in a multi-part message...

6.4CVSS9.2AI score0.03758EPSS
Exploits0References4
Huntr
Huntr
added 2021/11/11 8:8 a.m.19 views

Cross-site Scripting (XSS) - Stored in snipe/snipe-it

Description Multiple Stored XSS at 'snipeitram3' and 'snipeitcpu4' in the multipart message of POST request when creating a new Asset or editing an existed Asset. Proof of Concept POST /hardware HTTP/1.1 Host: develop.snipeitapp.com Connection: close Content-Length: 2560 Cache-Control: max-age=0...

3.5CVSS5.6AI score0.00731EPSS
Exploits1References1
Rows per page
Query Builder