CVE-2026-3185

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

CVE-2025-55996

Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface...

PT-2024-3291

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 6.1.2 Description The default configuration does not secure the API web context, which houses the Jolokia JMX REST API and the Message REST API. This allows unauthorized users to access these layers without...

CVE-2023-41781

There is a Cross-site scripting XSS vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered...

PT-2023-20212 · Zte · Zte Mobile Internet

Name of the Vulnerable Software and Affected Versions: ZTE mobile internet products affected versions not specified Description: The issue is related to a SQL injection vulnerability due to insufficient input validation of the SMS interface parameter. An authenticated attacker could exploit this ...

kernel: Heap buffer overflow in firedtv driver

A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...