
11 matches found

OSV
added 2025/05/06 1:12 p.m. · 0 views

USN-7490-1 libsoup2.4 vulnerabilities

Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. (CVE-2025-32906) Alon Zahavi discovered that libsoup incorrectly parse...

CVSS 9 · AI score 7.1 · EPSS 0.00472
Exploits 0 · References 10
RedHat Linux
added 2024/10/23 10:28 a.m. · 2 views

python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

A regular expression denial of service (ReDoS) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive...

CVSS 7.5 · AI score 7.2 · EPSS 0.03014
Exploits 2 · References 7
OpenVAS
added 2024/09/25 12:0 a.m. · 16 views

Ubuntu: Security Advisory (USN-7031-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.4 · AI score 6.5 · EPSS 0.00803
Exploits 0 · References 2
OSV
added 2024/04/08 9:28 a.m. · 5 views

SUSE-SU-2024:1131-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues:
- CVE-2024-25126: Fixed a denial-of-service vulnerability in Rack Content-Type parsing (bsc#1220239).
- CVE-2024-26141: Fixed a denial-of-service vulnerability in Range request header parsing (bsc#1220242).
- CVE-2024-26146: Fixed a...

CVSS 7.5 · AI score 6.9 · EPSS 0.00775
Exploits 2 · References 7
Positive Technologies
added 2022/11/16 12:0 a.m. · 1 views

PT-2022-36769 · Git +1 · Opensis

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read, which occurs during the parsing of content length and headers. The crash state indicates the...

AI score 6.9
Exploits 0 · References 2
NVD
added 2022/06/14 10:15 a.m. · 15 views

CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVSS 10 · EPSS 0.00385
Exploits 0 · References 1
Prion
added 2022/06/14 10:15 a.m. · 20 views

Buffer overflow

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVSS 10 · AI score 9.6 · EPSS 0.00385
Exploits 0 · References 1
CNNVD
added 2021/01/04 12:0 a.m. · 2 views

Qualcomm Video Buffer Error Vulnerability

Qualcomm Video is a Qualcomm Incorporated USA video component used in Qualcomm products. A buffer error vulnerability exists in Qualcomm Video, which stems from a failure to check the length of data received from a user, and could result in a heap overflow when parsing NAL headers. The following...

CVSS 10 · AI score 7 · EPSS 0.00427
Exploits 0 · References 3
UbuntuCve
added 2020/02/08 7:15 p.m. · 31 views

CVE-2015-5741

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields...

CVSS 9.8 · AI score 6.9 · EPSS 0.01751
Exploits 0 · References 2
Packet Storm
added 2016/04/21 12:0 a.m. · 72 views

libgd 2.1.1 Signedness

Overview: libgd [1] is an open-source image library. It is perhaps primarily used by the PHP project. It has been bundled with the default installation of PHP since version 4.3 [2]. A signedness vulnerability (CVE-2016-3074) exists in libgd 2.1.1 which may result in a heap overflow when processi...

CVSS 7.5 · AI score 0.1 · EPSS 0.60488
Exploits 8
Oracle linux
added 2014/03/17 12:0 a.m. · 30 views

mutt security update

5:1.5.20-4.20091214hg736b6a - Resolves: 1075872 CVE-2014-0467, heap-based buffer overflow when parsing certain headers...

CVSS 5 · AI score 3.7 · EPSS 0.01816
Exploits 1