libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

CVE-2021-44415

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. ModifyUser param is not object. An attacker can send an HTTP request to trigger this vulnerability...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

CVE-2024-57648

An issue in the itcsetparamrow component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

PT-2025-3898 · Unknown · Lingdang Crm

Name of the Vulnerable Software and Affected Versions: Lingdang CRM versions up to 8.6.0.0 Description: A critical issue has been found in Lingdang CRM, affecting some unknown processes of the file /crm/weixinmp/index.php. The manipulation of the searchcontent argument leads to SQL injection. The...

OpenLink Virtuoso-opensource 安全漏洞

OpenLink Virtuoso-opensource is OpenLink Software's is a powerful multi-model database and middleware platform for a variety of application scenarios that require high-performance data processing and complex data model support. A security vulnerability exists in OpenLink Virtuoso-opensource versi...

The vulnerability of the soup_header_parse_param_list_strict() function in the GNOME graphical interface library libsoup, which allows a attacker to cause a service failure

The vulnerability of the soupheaderparseparamliststrict function in the GNOME graphical interface library libsoup is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2024-17854 · Beijing Longda Jushang Technology · Dbshop市场系统

Name of the Vulnerable Software and Affected Versions: Beijing Longda Jushang Technology DBShop商城系统 version 3.3 Release 231225 Description: A cross-site scripting issue affects the /home-order file, where manipulating the orderStatus argument with a specific input leads to cross-site scripting. T...

Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an insecure privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code via the dynparamhandler component...

Astra Linux – Vulnerability in ffmpeg

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

CVE-2024-49776

The CVE-2024-49776 entry concerns tsMuxer, specifically the nightly build nightly-2024-04-05-01-53-02, where a negative-size-param vulnerability can be chained by processing a crafted TS video file to cause a Denial of Service (DoS). The core impact described across sources is DoS via crafted TS ...

SUSE CVE-2024-52531

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soupheaderparseparamliststrict. There is a plausible way to reach this remotely via soupmessageheadersgetcontenttype e.g., an application may want to retrieve the content type of a request or...

libsoup 缓冲区错误漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup versions prior to 3.6.1, which stems from a buffer overflow in applications that allow UTF-8 conversions to be performed in the soupheaderparseparamliststrict...

CVE-2024-47712

...

SUSE CVE-2024-50165

In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param-string when parsing mount options In bpfparseparam, keep the value of param-string intact so it can be freed later. Otherwise, the kmalloc area pointed to by param-string will be leaked as shown below:...