| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4035 | Libsoup: cookie domain validation bypass via uppercase characters in libsoup | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.3 | 2025-04-29 12:56:23 | Deep Dive |
| CVE-2025-3891 | Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled | - | - | High | 7.5 | 2025-04-29 11:56:51 | Deep Dive |
| CVE-2025-46421 | Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server | - | - | Medium | 6.8 | 2025-04-24 13:01:25 | Deep Dive |
| CVE-2025-46420 | Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c | - | - | Medium | 6.5 | 2025-04-24 12:58:01 | Deep Dive |
| CVE-2025-46400 | Xfig: fig2dev segmentation fault in read_arcobject | - | - | Medium | 5.5 | 2025-04-23 20:55:17 | Deep Dive |
| CVE-2025-46399 | Xfig: transfig: fig2dev segmentation fault vulnerability | - | - | Medium | 5.5 | 2025-04-23 20:55:15 | Deep Dive |
| CVE-2025-46398 | Xfig: fig2dev stack-overflow via read_objects | - | - | Medium | 5.5 | 2025-04-23 20:55:13 | Deep Dive |
| CVE-2025-46397 | Xfig: xfig: stack-overflow allows possible code execution via local input manipulation | - | - | High | 7.8 | 2025-04-23 20:55:10 | Deep Dive |
| CVE-2024-10306 | Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests | - | - | Medium | 5.4 | 2025-04-23 09:59:49 | Deep Dive |
| CVE-2025-32911 | Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value | - | - | Critical | 9.0 | 2025-04-15 15:39:35 | Deep Dive |
| CVE-2025-3576 | Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions | - | - | Medium | 5.9 | 2025-04-15 05:55:27 | Deep Dive |
| CVE-2025-32914 | Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process | - | - | High | 7.4 | 2025-04-14 14:45:46 | Deep Dive |
| CVE-2025-32912 | Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication | - | - | Medium | 6.5 | 2025-04-14 14:44:47 | Deep Dive |
| CVE-2025-32910 | Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication | - | - | Medium | 6.5 | 2025-04-14 14:43:20 | Deep Dive |
| CVE-2025-32909 | Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c | - | - | Medium | 5.3 | 2025-04-14 14:42:26 | Deep Dive |
| CVE-2025-32908 | Libsoup: denial of service on libsoup through http/2 server | - | - | High | 7.5 | 2025-04-14 14:00:30 | Deep Dive |
| CVE-2025-32907 | Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header | - | - | Medium | 5.3 | 2025-04-14 14:00:10 | Deep Dive |
| CVE-2025-32906 | Libsoup: out of bounds reads in soup_headers_parse_request() | - | - | High | 7.5 | 2025-04-14 13:58:40 | Deep Dive |
| CVE-2025-32913 | Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header | - | - | High | 7.5 | 2025-04-14 13:37:37 | Deep Dive |
| CVE-2025-3416 | Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch` | - | - | Low | 3.7 | 2025-04-08 18:24:22 | Deep Dive |