Lucene search
K

203 matches found

OSV
OSV
added 2025/10/27 8:6 p.m.7 views

CLSA-2025-1761595580 libsoup: Fix of 3 CVEs

CVE-2025-4948: fix integer underflow in soupmultipartnewfrommessage - CVE-2025-32049: fix Denial of Service attack to websocket server - CVE-2025-32914: fix OOB Read through soupmultipartnewfrommessage...

7.5CVSS7.2AI score0.00821EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/10/20 11:40 p.m.5 views

SUSE CVE-2025-11677

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS6.4AI score0.00369EPSS
Exploits0References3
OSV
OSV
added 2025/10/20 2:15 p.m.3 views

DEBIAN-CVE-2025-11677

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS5.2AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2025/10/20 2:15 p.m.5 views

UBUNTU-CVE-2025-11677

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS5.8AI score0.00369EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/20 1:41 p.m.9 views

CVE-2025-11677 Use After Free in libwebsockets WebSocket server

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS0.00369EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/20 1:41 p.m.4 views

CVE-2025-11677 Use After Free in libwebsockets WebSocket server

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS6.4AI score0.00369EPSS
Exploits0References2
CVE
CVE
added 2025/10/20 1:41 p.m.76 views

CVE-2025-11677

CVE-2025-11677 is a Use After Free in the warmcat libwebsockets WebSocket server (lws_handshake_server). The vulnerability triggers in configurations where a user-supplied callback handles LWS_CALLBACK_HTTP_CONFIRM_UPGRADE, potentially allowing a denial-of-service. Public advisories reference aff...

6.3CVSS6.4AI score0.00369EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/10/20 1:41 p.m.5 views

CVE-2025-11677

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS5.2AI score0.00369EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/10/20 1:41 p.m.4 views

CVE-2025-11677

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS6.8AI score0.00369EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/20 12:0 a.m.6 views

Libwebsockets 资源管理错误漏洞

Libwebsockets is a canonical libwebsockets web library open sourced by lws-team. A resource management error vulnerability exists in Libwebsockets that stems from a post-release reuse issue in the WebSocket server implementation that could lead to a denial of service attack...

6.3CVSS6.3AI score0.00369EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-0849

Malware in sbrugna...

7.5CVSS7.6AI score0.01691EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-0491

Malware in sbrugna...

7.5CVSS7.8AI score0.03662EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-11338

Malware in sbrugna...

5.3CVSS5.5AI score0.01008EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-1096

Malware in sbrugna...

5.9CVSS5.8AI score0.0134EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-2566

Malware in sbrugna...

7.5CVSS7.5AI score0.01091EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-0225

Malicious code in bioql PyPI...

9.6CVSS7.4AI score0.0067EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-25352

Malicious code in bioql PyPI...

7.3CVSS5.9AI score0.00239EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/09/04 6:7 a.m.2 views

Libsoup: denial of service attack to websocket server

...

7.5CVSS7AI score0.00821EPSS
Exploits0
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.275 views

AirKeyboard iOS App 1.0.5 - Remote Input Injection

Exploit Title: AirKeyboard iOS App 1.0.5 - Remote Input Injection Date: 2025-06-13 Exploit Author: Chokri Hammedi Vendor Homepage: https://airkeyboardapp.com Software Link: https://apps.apple.com/us/app/air-keyboard/id6463187929 Version: Version 1.0.5 Tested on: iOS 18.5 with AirKeyboard app '''...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:9 p.m.10 views

CVE-2020-10101

An issue was discovered in Zammad 3.0 through 3.2. The WebSocket server crashes when messages in non-JSON format are sent by an attacker. The message format is not properly checked and parsing errors not handled. This leads to a crash of the service process...

7.5CVSS6.8AI score0.01091EPSS
Exploits0
Rows per page
Query Builder