libsoup: Heap buffer overflow in sniff_unknown()

A flaw was found in libsoup. A vulnerability in the sniffunknown function may lead to heap buffer over-read...

CVE-2024-10353

A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /admin-dashboard. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2023-0561

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file /user/s.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2023-0640

A vulnerability was found in TRENDnet TEW-652BRP 3.04b01. It has been classified as critical. Affected is an unknown function of the file ping.ccp of the component Web Interface. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2023-0915

A vulnerability classified as critical has been found in SourceCodester Auto Dealer Management System 1.0. Affected is an unknown function of the file /adms/admin/?page=user/manageuser. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2023-1947

A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

CVE-2023-1785

A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as critical. Affected is an unknown function of the file manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifie...

CVE-2022-2018

A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. Affected is an unknown function of the file /admin/?page=inmates/viewinmate of the component Inmate Handler. The manipulation of the argument id with the input...

FreeFloat FTP Server 安全漏洞

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server due to an unknown function in the component PROMPT command handler. No detailed vulnerability details are provided at this time...

CVE-2025-4734

A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/ciupdate.php. The manipulation of the argument id/name leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-4463

A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. Affected is an unknown function of the file /ajax.php?action=savepackage. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit h...

libsoup: Heap buffer overflow in sniff_unknown()

A flaw was found in libsoup. A vulnerability in the sniffunknown function may lead to heap buffer over-read...

CVE-2025-4067

A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. Affected is an unknown function of the file /admin/viewpackage.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed ...

CVE-2025-3589

A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manageclass.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-3173

A vulnerability, which was classified as critical, was found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the file /savebooking.php. The manipulation of the argument lawyerid/description leads to sql injection. It is possible to launch the attack...

DEBIAN-CVE-2025-32052

A flaw was found in libsoup. A vulnerability in the sniffunknown function may lead to heap buffer over-read...

UBUNTU-CVE-2025-32052

A flaw was found in libsoup. A vulnerability in the sniffunknown function may lead to heap buffer over-read...

PT-2025-13559 · Netis · Netis Wf-2404

Name of the Vulnerable Software and Affected Versions: Netis WF-2404 version 1.1.124EN Description: A critical issue has been discovered, affecting an unknown function of the file /etc/passwd. The manipulation with the input Realtek leads to the use of a default password. It is possible to launch...

CVE-2025-2209

A vulnerability, which was classified as problematic, was found in aitangbao springboot-manager 3.0. Affected is an unknown function of the file /sysDict/add. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-1590

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...