CVE-2026-10154

A vulnerability has been found in Dolibarr ERP CRM 23.0.0/23.0.1/23.0.2. The affected element is an unknown function of the file htdocs/user/messaging.php. Such manipulation of the argument ID leads to authorization bypass. The attack can be executed remotely. Upgrading to version 23.0.3 is...

EUVD-2006-7022

Malware in sbrugna...

EUVD-2021-17401

Malware in sbrugna...

EUVD-2009-4908

Malware in sbrugna...

EUVD-2023-45315

Malicious code in bioql PyPI...

CVE-2023-21391

In Messaging, there is a possible way to disable the messaging application due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-20437

In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242258929...

CVE-2022-20241

In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2021-39740

In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID...

CVE-2025-3645

CVE-2025-3645 : In Moodle, insufficient capability checks in a messaging web service allow a user to view other users’ names and online statuses. Documents confirm Moodle as affected; impact is user information disclosure (names and presence). Base score 4.3 (Medium) per CVSS 3.1 metrics. No expl...

pixiv: Bypassing Inbox Privacy Settings and Enabling Spam on Pixiv.net

A vulnerability was discovered in the messaging system of Pixiv.net. The vulnerability allowed any user to bypass the inbox privacy settings and send messages to another user who had disabled their inbox. The vulnerability was triggered by manipulating the id parameter in the message-sending POST...

CVE-2025-20139

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email ECE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit thi...

CVE-2025-0513

In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message...

CVE-2025-22894

Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a...

Moodle Information Disclosure Vulnerability (CNVD-2024-46248)

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the fact that users with the Send Message feature...

Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs

Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows...

PT-2023-18166 · Messaging · Messaging

Name of the Vulnerable Software and Affected Versions: Messaging affected versions not specified Description: The issue is related to improper input validation in the Messaging application, which could lead to a remote denial of service. No additional execution privileges are needed, and user...

CVE-2023-40644

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of permission checking in Messaging. An attacker could exploit this vulnerability to cause information leakage...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of permission checking in Messaging. An attacker could exploit this vulnerability to cause information leakage...