135 matches found
CVE-2025-11677
Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...
Libwebsockets 资源管理错误漏洞
Libwebsockets is a canonical libwebsockets web library open sourced by lws-team. A resource management error vulnerability exists in Libwebsockets that stems from a post-release reuse issue in the WebSocket server implementation that could lead to a denial of service attack...
EUVD-2020-0849
Malware in sbrugna...
EUVD-2018-0491
Malware in sbrugna...
EUVD-2020-2566
Malware in sbrugna...
EUVD-2020-1096
Malware in sbrugna...
EUVD-2019-11338
Malware in sbrugna...
EUVD-2024-25352
Malicious code in bioql PyPI...
EUVD-2025-0225
Malicious code in bioql PyPI...
Libsoup: denial of service attack to websocket server
...
AirKeyboard iOS App 1.0.5 - Remote Input Injection
Exploit Title: AirKeyboard iOS App 1.0.5 - Remote Input Injection Date: 2025-06-13 Exploit Author: Chokri Hammedi Vendor Homepage: https://airkeyboardapp.com Software Link: https://apps.apple.com/us/app/air-keyboard/id6463187929 Version: Version 1.0.5 Tested on: iOS 18.5 with AirKeyboard app '''...
CVE-2020-10101
An issue was discovered in Zammad 3.0 through 3.2. The WebSocket server crashes when messages in non-JSON format are sent by an attacker. The message format is not properly checked and parsing errors not handled. This leads to a crash of the service process...
CVE-2025-43855
tRPC allows users to build & consume fully typesafe APIs without schemas or code generation. In versions starting from 11.0.0 to before 11.1.1, an unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to cras...
tRPC 11 WebSocket DoS Vulnerability
Summary An unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to crash a tRPC 11 WebSocket server. Details Any tRPC 11 server with WebSocket enabled with a createContext method set is vulnerable. Here is a...
GHSA-PJ3V-9CM8-GVJ8 tRPC 11 WebSocket DoS Vulnerability
Summary An unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to crash a tRPC 11 WebSocket server. Details Any tRPC 11 server with WebSocket enabled with a createContext method set is vulnerable. Here is a...
CVE-2025-43855 tRPC 11 WebSocket DoS Vulnerability
tRPC allows users to build & consume fully typesafe APIs without schemas or code generation. In versions starting from 11.0.0 to before 11.1.1, an unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to cras...
tRPC 安全漏洞
tRPC is a TypeScript framework for building type-safe APIs from the tRPC community. A security vulnerability exists in tRPC version 11.0.0 that stems from an unhandled error that could cause the WebSocket server to crash...
PT-2025-17733 · Trpc · Trpc
Name of the Vulnerable Software and Affected Versions: tRPC versions 11.0.0 through 11.1.0 Description: The issue allows any unauthenticated user to crash a tRPC 11 WebSocket server by throwing an unhandled error when validating invalid connectionParams. This affects tRPC 11 servers with WebSocke...
CVE-2025-32049 Libsoup: denial of service attack to websocket server
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
CVE-2025-32049 Libsoup: denial of service attack to websocket server
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...