CVE-2023-28475

Concrete CMS previously concrete5 versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

CVE-2023-1201

Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains...

PT-2022-20523 · Discourse · Discourse-Chat

Name of the Vulnerable Software and Affected Versions: discourse-chat versions prior to 0.4 Description: The issue affects the discourse-chat plugin for the Discourse application, allowing an attacker who knows the message ID for a channel they do not have access to, to view that message using th...

CVE-2022-1425

The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not validate that the messageid of the wpqamessageview ajax action belongs to the requesting user, leading to any user being able to read messages for any other users via a Insecure Dire...

CVE-2022-28571

creationtimestamp| type| source ---|---|--- 2022-05-02 16:27:54+00:00| seen| https://t.me/cibsecurity/41719...

CVE-2021-40411

creationtimestamp| type| source ---|---|--- 2022-01-28 22:22:16+00:00| seen| https://t.me/cibsecurity/36491...

CVE-2021-20844

creationtimestamp| type| source ---|---|--- 2021-11-24 18:27:06+00:00| seen| https://t.me/cibsecurity/32951...

CVE-2017-18874

creationtimestamp| type| source ---|---|--- 2020-06-19 23:55:16+00:00| seen| https://t.me/cibsecurity/12932...

CVE-2020-6792

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird 68.5...

CVE-2020-6792

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird 68.5...

Mozilla: Message ID calculation was based on uninitialized data

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird 68.5...

Mozilla: Message ID calculation was based on uninitialized data

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird 68.5...

Mozilla: Message ID calculation was based on uninitialized data

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird 68.5...

MGASA-2020-0091 Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents CVE-2020-6792. When processing an email message with an ill-formed envelope, Thunderbird could read data from a random...

CVE-2019-13122

A Cross Site Scripting XSS vulnerability exists in the template tag used to render message ids in Patchwork v1.1 through v2.1.x. This allows an attacker to insert JavaScript or HTML into the patch detail page via an email sent to a mailing list consumed by Patchwork. This affects the function msg...

RHSA-2019:0010

creationtimestamp| type| source ---|---|--- 2019-01-02 17:33:53+00:00| seen| https://t.me/canyoupwnme/4933 2019-01-02 17:37:09+00:00| seen| https://t.me/antichat/3187...

Rspamd Cross-Site Scripting Vulnerability

Rspamd is a fast spam filtering system. The system evaluates and filters spam through regular expressions, statistical analysis and blacklists. A cross-site scripting vulnerability exists in the interface/js/app/history.js file of the WebUI in versions of Rspamd prior to 1.6.3. A remote attacker...

CISCO-SA-20170705-ESC1

creationtimestamp| type| source ---|---|--- 2017-07-09 21:01:58+00:00| seen| https://t.me/zatelecom/819...

Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/1748/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedure Call that takes place between differen...