CVE-2026-37231

FlexRIC v2.0.0 uses a uint16t counter for xappid assignment but stores the value in uint32t message fields. After 65,530+ E42SETUPREQUESTs, the 16-bit counter wraps around and produces duplicate xappids. The iApp port 36422 crashes when attempting to register a duplicate ID in its internal data...

CVE-2026-37231

FlexRIC v2.0.0 contains a bug where a uint16_t counter used for xapp_id assignment is stored in uint32_t message fields. After 65,530+ E42_SETUP_REQUESTs, the 16-bit counter wraps, causing duplicate xapp_ids. The iApp on port 36422 crashes when it attempts to register a duplicate ID within its in...

OESA-2026-1189 gsoap security update

The gSOAP Web services development toolkit offers an XML to C/C++ language binding to ease the development of SOAP/XML Web services in C and C/C++. Security Fixes: In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse ...

EUVD-2017-2316

Malware in sbrugna...

EUVD-2024-32779

Malicious code in bioql PyPI...

PocketMine-MP `ResourcePackDataInfoPacket` amplification vulnerability due to lack of resource pack sequence status checking

Summary A denial-of-service / out-of-memory vulnerability exists in the STATUSSENDPACKS handling of ResourcePackClientResponsePacket. PocketMine-MP processes the packIds array without verifying that all entries are unique. A malicious non-standard Bedrock client can send multiple duplicate valid...

Denial Of Service (DoS)

Mattermost is vulnerable to Denial of Service DoS. The vulnerability is due to the /api/v4/users/ids endpoint which lacks a duplicate id check. This allows an attacker to send a request with multiple identical IDs which can consume excessive resources...

PT-2023-32052 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: Mattermost fails to deduplicate input IDs, allowing a simple user to cause the application to consume excessive resources and possibly crash by sending a specially crafted request to...

OESA-2023-1659 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

UBUNTU-CVE-2023-28366

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function...

PT-2021-8167 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the perf env insert btf function when a duplicate BTF id is encountered. This function does not insert the duplicate id and causes a memory lea...

CVE-2017-10669

Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs...