Medium: cups

Issue Overview: A client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. CVE-2025-58436 A user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. The...

CVE-2025-58436

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue...

CVE-2025-47362

Information disclosure while processing message from client with invalid payload...

CVE-2025-47360

Memory corruption while processing client message during device management...

CVE-2025-47360 Stack-based Buffer Overflow in Automotive Software platform based on QNX

Memory corruption while processing client message during device management...

CVE-2025-47360

CVE-2025-47360 affects an Automotive Software platform based on QNX. The issue is memory corruption (described as a stack-based buffer overflow) occurring while processing client messages during device management, with local attack vector and high impact on confidentiality, integrity, and availab...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing client messages in device management...

EUVD-2002-0311

Malware in sbrugna...

UBUNTU-CVE-2025-54989

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

PT-2025-33492

Name of the Vulnerable Software and Affected Versions: Firebird versions prior to 3.0.13 Firebird versions prior to 4.0.6 Firebird versions prior to 5.0.3 Description: Firebird is a relational database. A NULL pointer dereference denial-of-service vulnerability exists in Firebird when parsing XDR...

Cross Site Scripting (XSS)

uvdesk/community-skeleton is vulnerable to Cross Site Scripting XSS. The vulnerability exists because the library does not properly validate the messages sent by the clients in the ticket, which allows an attacker to inject and execute arbitrary JavaScript into the browser...

PT-2023-8454 · Systemd +7 · Systemd-Resolved +7

Name of the Vulnerable Software and Affected Versions: systemd-resolved affected versions not specified Description: The issue is related to insufficient authentication checks of messages from DNS clients in the systemd-resolved service, which manages network connections and domain name...

ARC Informatique PcVue Denial of Service Vulnerability

Pcvue is a multi-functional HMI-SCADA software from ARC Informatique, an all-in-one solution that monitors all aspects of a customer's assets.PcVue is used in a wide range of applications including industrial control, building management, energy management, smart grid, energy distribution,...

USN-3659-1 spice, spice-protocol vulnerability

Frediano Ziglio discovered that Spice incorrectly handled certain client messages. An attacker could possibly use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code...

DEBIAN-CVE-2017-15721

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468...

ALPINE-CVE-2017-15721

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468...

USN-3202-1 spice vulnerabilities

Frediano Ziglio discovered that Spice incorrectly handled certain client messages. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVE-2002-0314

fasttrack p2p, as used in 1 KaZaA before 1.5, 2 grokster, and 3 morpheus allows remote attackers to cause a denial of service memory exhaustion via a series of client-to-client messages, which pops up new windows per message...

CVE-2002-0314

fasttrack p2p, as used in 1 KaZaA before 1.5, 2 grokster, and 3 morpheus allows remote attackers to cause a denial of service memory exhaustion via a series of client-to-client messages, which pops up new windows per message...