CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22247 – Insecure file handling vulnerability
https://notcve.org/view.php?id=CVE-2025-22247
12 May 2025 — VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. It was discovered that Open VM Tools incorrectly handled certain file operations. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 0CVE-2025-46421 – Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server
https://notcve.org/view.php?id=CVE-2025-46421
24 Apr 2025 — A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. • https://access.redhat.com/security/cve/CVE-2025-46421 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2025-46420 – Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c
https://notcve.org/view.php?id=CVE-2025-46420
24 Apr 2025 — A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video files. • https://access.redhat.com/security/cve/CVE-2025-46420 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-32911 – Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value
https://notcve.org/view.php?id=CVE-2025-32911
15 Apr 2025 — A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. Tan Wei Chong discovered that libsoup incorrec... • https://access.redhat.com/security/cve/CVE-2025-32911 • CWE-590: Free of Memory not on the Heap •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-32914 – Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
https://notcve.org/view.php?id=CVE-2025-32914
14 Apr 2025 — A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video files. • https://access.redhat.com/errata/RHSA-2025:7505 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2025-32912 – Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication
https://notcve.org/view.php?id=CVE-2025-32912
14 Apr 2025 — A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video files. • https://access.redhat.com/errata/RHSA-2025:7505 • CWE-476: NULL Pointer Dereference •
CVSS: 8.5EPSS: 0%CPEs: 29EXPL: 0CVE-2025-32906 – Libsoup: out of bounds reads in soup_headers_parse_request()
https://notcve.org/view.php?id=CVE-2025-32906
14 Apr 2025 — A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video fi... • https://access.redhat.com/security/cve/CVE-2025-32906 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2025-32913 – Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header
https://notcve.org/view.php?id=CVE-2025-32913
14 Apr 2025 — A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorre... • https://access.redhat.com/security/cve/CVE-2025-32913 • CWE-476: NULL Pointer Dereference •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24375 – MySQL K8s charm could leak credentials for root-level user `serverconfig`
https://notcve.org/view.php?id=CVE-2025-24375
09 Apr 2025 — Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary script file containing the full URI, with user and password. The file can be read by a unprivileged user during the operator runtime, due it being created with read permissions (0x644). On other cases, when calling m... • https://github.com/canonical/mysql-k8s-operator/commit/7c6b1206fcbc7324b72f413c5e63216e742a71a1 • CWE-256: Plaintext Storage of a Password •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32543 – WordPress Canonical Attachments Plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-32543
09 Apr 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hivedigital Canonical Attachments allows Reflected XSS. This issue affects Canonical Attachments: from n/a through 1.7. The Canonical Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th... • https://patchstack.com/database/wordpress/plugin/canonical-attachments/vulnerability/wordpress-canonical-attachments-plugin-1-7-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •