CVSS: 9.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-32911 – Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value
https://notcve.org/view.php?id=CVE-2025-32911
15 Apr 2025 — A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. Tan Wei Chong discovered that libsoup incorrec... • https://access.redhat.com/security/cve/CVE-2025-32911 • CWE-590: Free of Memory not on the Heap •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-32907 – Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header
https://notcve.org/view.php?id=CVE-2025-32907
14 Apr 2025 — A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. • https://access.redhat.com/security/cve/CVE-2025-32907 • CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVSS: 8.5EPSS: 1%CPEs: 29EXPL: 0CVE-2025-32906 – Libsoup: out of bounds reads in soup_headers_parse_request()
https://notcve.org/view.php?id=CVE-2025-32906
14 Apr 2025 — A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video fi... • https://access.redhat.com/security/cve/CVE-2025-32906 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2025-32913 – Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header
https://notcve.org/view.php?id=CVE-2025-32913
14 Apr 2025 — A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorre... • https://access.redhat.com/security/cve/CVE-2025-32913 • CWE-476: NULL Pointer Dereference •
CVSS: 3.7EPSS: 0%CPEs: 10EXPL: 0CVE-2025-3416 – Openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`
https://notcve.org/view.php?id=CVE-2025-3416
08 Apr 2025 — A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string. • https://access.redhat.com/security/cve/CVE-2025-3416 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-32053 – Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()
https://notcve.org/view.php?id=CVE-2025-32053
03 Apr 2025 — A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read. It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue to cause applications using libsoup to crash, resulting in a denial of service. It was discovered that libsoup could be made to dereference invalid memory. • https://access.redhat.com/errata/RHSA-2025:4440 • CWE-126: Buffer Over-read •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-32052 – Libsoup: heap buffer overflow in sniff_unknown()
https://notcve.org/view.php?id=CVE-2025-32052
03 Apr 2025 — A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read. It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue to cause applications using libsoup to crash, resulting in a denial of service. It was discovered that libsoup could be made to dereference invalid memory. • https://access.redhat.com/errata/RHSA-2025:4440 • CWE-126: Buffer Over-read •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2025-32050 – Libsoup: integer overflow in append_param_quoted
https://notcve.org/view.php?id=CVE-2025-32050
03 Apr 2025 — A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read. It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue to cause applications using libsoup to crash, resulting in a denial of service. It was discovered that libsoup could be made to dereference invalid memory. • https://access.redhat.com/errata/RHSA-2025:4440 • CWE-127: Buffer Under-read •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 1CVE-2024-8176 – Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
https://notcve.org/view.php?id=CVE-2024-8176
14 Mar 2025 — A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. It was discovered that Expat could crash due to stack overflow when p... • https://github.com/uthrasri/Expat_2.6.2_CVE-2024-8176 • CWE-674: Uncontrolled Recursion •
CVSS: 10.0EPSS: 0%CPEs: 40EXPL: 0CVE-2025-24201 – Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2025-24201
11 Mar 2025 — An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions o... • https://support.apple.com/en-us/122281 • CWE-787: Out-of-bounds Write •