111 matches found
CVE-2026-7090 code-projects Chat System send_message.php cross site scripting
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
EUVD-2026-25774
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
PT-2026-35356
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send message.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()
...
CVE-2026-31608
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smbdirectfreesendmsg after smbdirectflushsendlist smbdirectflushsendlist already calls smbdirectfreesendmsg, so we should not call it again after postsendmsg moved it to the batch list...
EUVD-2026-25501
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smbdirectfreesendmsg after smbdirectflushsendlist smbdirectflushsendlist already calls smbdirectfreesendmsg, so we should not call it again after postsendmsg moved it to the batch list...
PT-2026-34960
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue exists in the SMB server component. The function smb direct flush send list already invokes smb direct free sendmsg, leading to a second call to smb direct free sendm...
can: isotp: fix tx.buf use-after-free in isotp_sendmsg()
...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011294)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011294 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...
CVE-2026-5536
A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpcserver.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...
EUVD-2019-20056
LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service...
CVE-2019-25660
LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service...
CVE-2019-25660 LanHelper 1.74 Denial of Service via Buffer Overflow
LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service...
CVE-2019-25660
LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service...
CVE-2019-25660
CVE-2019-25660 concerns LanHelper 1.74, with a local buffer overflow in the Form Send Message feature. The vulnerability allows an attacker to crash the application by supplying excessively long input strings (e.g., 6000 bytes in the Message text field), resulting in a denial-of-service condition...
CVE-2026-5536
FedML-AI prior to 0.8.9 contains a deserialization vulnerability in the gRPC server component, specifically the sendMessage function in grpc_server.py. The issue allows remote manipulation that can lead to deserialization of crafted input, potentially impacting confidentiality, integrity, and ava...
PT-2026-30469
LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we set sk-skwmemalloc based on account skb-truesize using atmaccounttx. This change is expected to be reverted by atmpopraw, which is called later in...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38190)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38190 advisory. - In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if...