Astra Linux - уязвимость в firebird3.0

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

OpenPrinting CUPS 资源管理错误漏洞

OpenPrinting CUPS is a standards-based open source printing system for Linux® and other Unix®-like operating systems from OpenPrinting, Inc. A resource management error vulnerability exists in OpenPrinting CUPS versions prior to 2.4.15, which stems from a client sending a slow message that could...

CVE-2025-47362

Information disclosure while processing message from client with invalid payload...

CVE-2025-47360

Memory corruption while processing client message during device management...

CVE-2025-47362 Buffer Over-read in Automotive Software platform based on QNX

Information disclosure while processing message from client with invalid payload...

CVE-2025-47362

CVE-2025-47362 affects an Automotive Software platform based on QNX . The issue is an information disclosure triggered by processing a client message with an invalid payload, attributed to a buffer over-read in the affected software component. Documented impact indicates high confidentiality risk...

CVE-2025-47360 Stack-based Buffer Overflow in Automotive Software platform based on QNX

Memory corruption while processing client message during device management...

CVE-2025-40989

Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectmessage/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a speciall...

CVE-2025-54989

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

CVE-2025-54989 Firebird XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

CVE-2025-54989 Firebird XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

aflnet_profuzzbench

It is an offensive tool for network protocols. The primary CVE ID is not present in the provided context, but the tool is an extension of American Fuzzy Lop AFL, which is a greybox fuzzer for protocol implementations. The tool, AFLNet, is seeded with a corpus of recorded message exchanges between...

CVE-2022-35804

SMB Client and Server Remote Code Execution Vulnerability...

sanlock bug fix and enhancement update

The sanlock packages provide a shared storage lock manager. Hosts with shared access to a block device or a file can use sanlock to synchronize their activities. VDSM and libvirt use sanlock to synchronize access to shared devices or files. Bug Fixes and Enhancements: bad client message causes...

libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...

CVE-2016-9050

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to...

CVE-2016-9050

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to...

Aerospike Database Server Client Message Memory Disclosure Vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be use...

QEMU 'vnc.c' Denial of Service Vulnerability

QEMU is an open source emulator software. An integer overflow vulnerability exists in QEMU's VNC display driver, located in vncclientread and protocolclientmsg, which can be exploited by a client user to cause the VNC driver to loop indefinitely, causing the QEMU process to crash, via a larger...

CVE-2007-0416

The WSEE runtime WS-Security runtime in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote attackers to bypass application security...