42 matches found
CVE-2025-66480 Wildfire has Arbitrary File Upload via Directory Traversal in UploadFileAction
Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component related to the file upload functionality found in com.xiaoleilu.loServer.action.UploadFileAction. The application exposes an endpoint /fs that handles...
im-server Code Issue Vulnerability
im-server is an open-source instant messaging system developed by Wildfire. Versions of im-server prior to 1.4.3 contained code vulnerabilities. These vulnerabilities stemmed from improper handling of file upload functions within the im-server components, which led to improper filename processing...
CVE-2025-66911
Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status query functionality. The handleQueryUserOnlineStatusesRequest method in UserServiceController.java allows any authenticated user to query the online status, device information, an...
EUVD-2008-0952
Malware in sbrugna...
EUVD-2007-3943
Malware in sbrugna...
CVE-2012-6274
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors...
openSUSE Security Update : pidgin (openSUSE-SU-2014:1397-1)
Update to version 2.10.10: General: Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins...
Pidgin 2.10.10 Patches SSL MiTM, DoS Vulnerabilities
A handful of security vulnerabilities were patched in the most recent release of the Pidgin open source instant messaging client, Pidgin 2.10.10, including an SSL/TLS certificate validation issue that could be exploited in man-in-the-middle attacks. Reported by Jacob Appelbaum of the Tor Project,...
BigAnt IM Server DDNF username Field Remote Overflow
Added: 04/22/2013 BID: 58998 OSVDB: 92239 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt IM Server is vulnerable to buffer overflow in the expsrv.dll library as a result of improper validation of...
BigAnt IM Message server and components contain multiple vulnerabilities
Overview BigAnt IM Message server and components contain multiple vulnerabilities which could allow an attacker to perform administrative functions on the system Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2012-6273 During the SH...
CVE-2009-4660
Stack-based buffer overflow in the AntServer Module AntServer.exe in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660...
Stack overflow
Stack-based buffer overflow in the AntServer Module AntServer.exe in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660...
CVE-2009-4660
CVE-2009-4660: BigAnt IM Server 2.50 has a stack-based buffer overflow in the AntServer.exe module (AntServer) that lets a remote attacker execute arbitrary code by sending a long GET request to TCP port 6660. Affected: BigAnt IM Server 2.50 (and related references note the BigAnt server family)....
BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability - Active Check
BigAnt IM Server is prone to a remote buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective rig...
BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability
BigAnt IM Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in...