339 matches found
CVE-2023-53048
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix warning when handle discoveridentity message Since both source and sink device can send discoveridentity message in PD3, kernel may dump below warning: ------------ cut here ------------ WARNING: CPU: 0 PID:...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
✅ Result The server responded to an SSH message ID 80 0x5...
CVE-2022-49862
In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg-req tlv len check in tipcnlcompatnametabledumpheader This is a follow-up for commit 974cb0e3e7c9 "tipc: fix uninit-value in tipcnlcompatnametabledump" where it should have type casted sizeof.. to int to work whe...
Erlang/OTP 访问控制错误漏洞
Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. An access control error vulnerability exists in Erlang/OTP versions prior to 27.3.3, which stems from an SSH protocol message...
ejabberd -- mod_muc_occupantid: Fix handling multiple occupant-id
ejabberd team reports: Fixed issue with handling of user provided occupant-id in messages and presences sent to muc room. Server was replacing just first instance of occupant-id with its own version, leaving other ones untouched. That would mean that depending on order in which clients send...
CVE-2025-32914
A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...
CVE-2025-21947
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
SMF 跨站脚本漏洞
SMF Simple Machines Forum is a free, open source community forum project by Simple Machines Open Source. A cross-site scripting vulnerability exists in SMF version 2.1.4, which stems from improper manipulation of the subject/message parameter in the ManageNews.php file, which could lead to a...
Linux Distros Unpatched Vulnerability : CVE-2022-2663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was found in the Linux kernel in nfconntrackirc where the message handling can be confused and incorrectly matches the message. A firewall may be able ...
CVE-2024-58019
The CVE-2024-58019 vulnerability affects the Linux kernel nvkm/gsp read-pointer handling for GSP messages. The issue arises when advancing the read pointer uses only RPC header and body size, causing misinterpretation of the next message after a two-page GSP message in non-rollback cases. This ca...
RLSA-2025:1673 Important: mysql:8.0 security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...
CVE-2022-49542
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 with LOGTRACEEVENT, the following hard lockup call trace hangs the system. Call Trace: rawspinlockirqsave+0x32/0x40...
CVE-2025-0513
In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message...
PT-2025-6190 · Unknown · Octopus Server
Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The issue arises from the unsafe handling of error messages on the error page in affected versions of Octopus Server. If an adversary can control any part of the error message, they...
CVE-2022-25745
Memory corruption in modem due to improper input validation while handling the incoming CoAP message...
Multiple vulnerabilities in Defense Platform Home Edition
Overview Defense Platform Home Edition provided by Humming Heads Inc. contains multiple vulnerabilities listed below. Improper handling of message in specific process CWE-422 - CVE-2025-20094 Execution with unnecessary privileges CWE-250 - CVE-2025-22890 Improper handling of message in specific...
Denial Of Service (DoS)
github.com/ethereum/go-ethereum is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of incoming messages, which allows a specially crafted message to trigger a crash or shutdown of the node...
CVE-2024-10001 Code Injection Vulnerability in GitHub Enterprise Server Allows Arbitrary Code Execution via Message Handling
A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers to inject malicious code into the query selector via the identity property in the message handling function. This enabled the exfiltration of sensitive data by manipulating the DOM, including...