libsoup: Out of bounds reads in soup_headers_parse_request()

A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

libsoup: Out of bounds reads in soup_headers_parse_request()

A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

Libsoup: out of bounds reads in soup_headers_parse_request()

...

SUSE CVE-2025-32906

A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

libsoup 缓冲区错误漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A buffer error vulnerability exists in libsoup, which stems from an out-of-bounds read in the function soupheadersparserequest, which could cause the HTTP server to crash...

PT-2025-6534 · WordPress · Wp Directorybox Manager

Name of the Vulnerable Software and Affected Versions: WP Directorybox Manager plugin for WordPress versions up to, and including, 2.5 Description: The issue is due to incorrect authentication in the wp dp parse request function, allowing unauthenticated attackers to log in as any existing user o...

WordPress WP Foodbakery plugin <= 4.7 - Authentication Bypass in foodbakery_parse_request vulnerability

Authentication Bypass in foodbakeryparserequest vulnerability discovered by Tonn in WordPress Plugin FoodBakery versions = 4.7...

PT-2024-6122 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: InPost for WooCommerce plugin versions 1.4.0 and earlier InPost PL plugin for WordPress versions 1.4.4 and earlier Description: The issue is related to a missing capability check on the parse request function, allowing unauthorized access and...

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...

CVE-2021-4380

The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wppinterestautomaticparserequest' function and the 'processform.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to...

OSV-2021-907 Heap-buffer-overflow in decode_header_value_literal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35675 Crash type: Heap-buffer-overflow READ 1 Crash state: decodeheadervalueliteral decodeheader h2ohpackparserequest...

kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP

A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfrsp and l2capparseconfreq functions. An attacker with physical access within the range of standard Bluetooth transmission can create a...

DEBIAN-CVE-2013-7401

The parserequest function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service crash via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method...

UBUNTU-CVE-2013-7401

The parserequest function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service crash via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method...