
4927 matches found

RedhatCVE
added 2025/04/05 12:31 a.m. | 12 views

CVE-2025-22927

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php=save...

CVSS 9.1 | AI score 7.4 | EPSS 0.00749
Exploits: 0 | References: 1
RedhatCVE
added 2025/04/05 12:31 a.m. | 20 views

CVE-2025-22930

OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the groupid parameter at /messaging/Group.php...

CVSS 9.8 | AI score 8.6 | EPSS 0.0046
Exploits: 0 | References: 1
RedhatCVE
added 2025/04/04 4:37 p.m. | 27 views

CVE-2025-20139

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit thi...

CVSS 7.5 | AI score 7.4 | EPSS 0.00631
Exploits: 0 | References: 1
RedhatCVE
added 2025/04/03 3:32 p.m. | 9 views

CVE-2025-31132

Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10...

CVSS 8.1 | AI score 7.5 | EPSS 0.00527
Exploits: 0 | References: 1
Vulnrichment
added 2025/04/03 12:00 a.m. | 8 views

CVE-2025-22930

OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the groupid parameter at /messaging/Group.php...

AI score 7.9 | EPSS 0.0046
Exploits: 0 | References: 2
CVE
added 2025/04/03 12:00 a.m. | 60 views

CVE-2025-22926

CVE-2025-22926 affects OS4ED openSIS versions 8.0–9.1. The issue is a directory traversal vulnerability triggered by a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename, allowing traversal outside the intended directory. Affects file- or path-based access as d...

CVSS 9.8 | AI score 7.3 | EPSS 0.00875
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2025/04/03 12:00 a.m. | 49 views

CVE-2025-22930

Summary: OS4ED openSIS versions 7.0–9.1 are documented to contain a SQL injection vulnerability via the groupid parameter in the endpoint /messaging/Group.php. The issue appears in multiple feeds (NVD, Red Hat, OSV, CVE listings) and is characterized by an injection flaw in a user-supplied group...

CVSS 9.8 | AI score 8.5 | EPSS 0.0046
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2025/04/02 4:16 p.m. | 25 views

CVE-2025-20139

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit thi...

CVSS 7.5 | EPSS 0.00631
Exploits: 0 | References: 1
Cisco
added 2025/04/02 4:00 p.m. | 24 views

Cisco Enterprise Chat and Email Denial of Service Vulnerability

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit thi...

CVSS 7.5 | AI score 7.3 | EPSS 0.00631
Exploits: 0 | References: 1
Positive Technologies
added 2025/04/02 12:00 a.m. | 6 views

PT-2025-14530 · Cisco · Cisco Expressway Series +2

Name of the Vulnerable Software and Affected Versions: Cisco Enterprise Chat and Email (ECE) (affected versions not specified)
Description: A vulnerability exists in the chat messaging features of Cisco Enterprise Chat and Email (ECE) that could allow a remote, unauthenticated attacker to cause a...

CVSS 7.8 | AI score 9.1 | EPSS 0.00631
Exploits: 0 | References: 16
OSV
added 2025/04/01 4:15 p.m. | 1 view

DEBIAN-CVE-2025-21914

In the Linux kernel, the following vulnerability has been resolved: slimbus: messaging: Free transaction ID in delayed interrupt scenario. In case of interrupt delay for any reason, slim_do_transfer() returns timeout error but the transaction ID (TID) is not freed. This results into invalid memory acces...

CVSS 7.8 | AI score 5.7 | EPSS 0.00194
Exploits: 0 | References: 1
OSV
added 2025/04/01 4:15 p.m. | 8 views

UBUNTU-CVE-2025-21914

In the Linux kernel, the following vulnerability has been resolved: slimbus: messaging: Free transaction ID in delayed interrupt scenario. In case of interrupt delay for any reason, slim_do_transfer() returns timeout error but the transaction ID (TID) is not freed. This results into invalid memory acces...

CVSS 7.8 | AI score 6.5 | EPSS 0.00194
Exploits: 0 | References: 59
Debian CVE
added 2025/04/01 3:40 p.m. | 9 views

CVE-2025-21914

In the Linux kernel, the following vulnerability has been resolved: slimbus: messaging: Free transaction ID in delayed interrupt scenario. In case of interrupt delay for any reason, slim_do_transfer() returns timeout error but the transaction ID (TID) is not freed. This results into invalid memory acces...

CVSS 7.8 | AI score 5.7 | EPSS 0.00194
Exploits: 0
NVD
added 2025/04/01 3:16 p.m. | 13 views

CVE-2025-31132

Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10...

CVSS 8.1 | EPSS 0.00527
Exploits: 0 | References: 1
Cvelist
added 2025/04/01 3:06 p.m. | 19 views

CVE-2025-31132 Raven allows Remote Code Execution due to improper validation

Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10...

CVSS 8.1 | EPSS 0.00527
Exploits: 0 | References: 1
OSV
added 2025/04/01 3:06 p.m. | 3 views

CVE-2025-31132 Raven allows Remote Code Execution due to improper validation

Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10...

CVSS 8.1 | AI score 7.4 | EPSS 0.00527
Exploits: 0 | References: 3
Circl
added 2025/03/28 3:28 p.m. | 4 views

CVE-2024-54362

creationtimestamp | type | source
---|---|---
2025-03-28 15:28:47+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/9375
2025-03-28 17:45:32+00:00 | seen | https://t.me/cvedetector/21450...

CVSS 8.1 | AI score 8.7 | EPSS 0.00412
Exploits: 0 | References: 2
OSV
added 2025/03/28 9:46 a.m. | 10 views

BIT-DISCOURSE-2025-24972 Discourse may bypass user preference when adding users to chat groups

Discourse is an open-source discussion platform. Prior to versions 3.3.4 on the stable branch and 3.4.0.beta5 on the beta branch, in specific circumstances, users could be added to group direct messages despite disabling direct messaging in their preferences. Versions 3.3.4 and 3.4.0.beta5 contai...

CVSS 4.3 | AI score 4.7 | EPSS 0.00326
Exploits: 0 | References: 2
Wired Threat Level
added 2025/03/27 6:31 p.m. | 8 views

SignalGate Is Driving the Most US Downloads of Signal Ever

Scandal surrounding the Trump administration’s Signal group chat has led to a landmark week for the encrypted messaging app’s adoption—its “largest US growth moment by a massive margin.”...

AI score 7.3
Exploits: 0
NVD
added 2025/03/26 3:16 p.m. | 19 views

CVE-2025-24972

Discourse is an open-source discussion platform. Prior to versions 3.3.4 on the stable branch and 3.4.0.beta5 on the beta branch, in specific circumstances, users could be added to group direct messages despite disabling direct messaging in their preferences. Versions 3.3.4 and 3.4.0.beta5 contai...

CVSS 4.3 | EPSS 0.00326
Exploits: 0 | References: 1