CVE-2005-1657

Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to 1 deletefolder.ctml, 2 deletemessage.ctml, 3 origmessage.ctml, or 4 readmessage.ctml, the Message.Id parameter to editmessage.ctm...

CVE-2023-40648

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-40644

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-40649

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-40645

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2022-38687

In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed...

CVE-2022-26103

Under certain conditions, SAP NetWeaver Real Time Messaging Framework - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks...

CVE-2019-18377

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user...

CVE-2023-49115

MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users...

CVE-2025-23798

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ElbowRobo Mass Messaging in BuddyPress mass-messaging-in-buddypress allows Reflected XSS.This issue affects Mass Messaging in BuddyPress: from n/a through = 2.2.1...

CVE-2026-22535

An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured unencrypted MQTT communications protocol, write on the server topics of the board that controls the MQTT communications...

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The campaign has been codenamed Boto Cor-de-Rosa by Acronis Threat Research Unit. "The malware retrieves the...

CVE-2026-22535

An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured unencrypted MQTT communications protocol, write on the server topics of the board that controls the MQTT communications...

CVE-2019-12751

Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user...

PT-2026-21710

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A privilege escalation issue exists in the Messaging Syste...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992965)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992965 advisory. In the Linux kernel, the following vulnerability has been resolved: slimbus: messaging: Free transaction ID in delayed interrupt scenario In case of interrupt delay...

CVE-2022-50854 nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

CVE-2022-50838 net: stream: purge sk_error_queue in sk_stream_kill_queues()

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

EUVD-2025-205461

NanoMQ MQTT Broker NanoMQ is an Edge Messaging Platform. Prior to version 0.24.2, there is a classical data racing issue about sub info list which could result in heap use after free crash. This issue has been patched in version 0.24.2...

CVE-2025-66378

Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing a Proxy Node...