CVE-2018-25361

Soroush IM Desktop App 0.17.0 contains an authentication bypass vulnerability that allows local attackers to remove passcodes by injecting pre-encrypted database entries using a constant encryption key. Attackers can inject malicious database records into the application's database files to unloc...

Malicious code in claw-subagent-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36657c2be433b784c573082d364304325acccf033f70df17dbfe104b0173ccbe claw-subagent-service installs itself as a privileged auto-starting system service Windows service via post-install.js svc.install, with documented...

[SECURITY] Fedora 42 Update: opensips-3.5.9-2.fc42

OpenSIPS or Open SIP Server is a very fast and flexible SIP RFC3261 proxy server. Written entirely in C, opensips can handle thousands calls per second even on low-budget hardware. A C Shell like scripting language provides full control over the server's behaviour. It's modular architecture allow...

CVE-2025-66480

Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component related to the file upload functionality found in com.xiaoleilu.loServer.action.UploadFileAction. The application exposes an endpoint /fs that handles...

CVE-2025-66480

Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component related to the file upload functionality found in com.xiaoleilu.loServer.action.UploadFileAction. The application exposes an endpoint /fs that handles...

CVE-2025-66480 Wildfire has Arbitrary File Upload via Directory Traversal in UploadFileAction

Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component related to the file upload functionality found in com.xiaoleilu.loServer.action.UploadFileAction. The application exposes an endpoint /fs that handles...

CVE-2025-66911

Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status query functionality. The handleQueryUserOnlineStatusesRequest method in UserServiceController.java allows any authenticated user to query the online status, device information, an...

turms 安全漏洞

turms is an instant messaging engine from turms-im open source. A security vulnerability exists in turms v0.10.0-SNAPSHOT and prior versions, which stems from cross-site request forgery and could lead to elevation of privilege...

EUVD-2006-0146

Malware in sbrugna...

EUVD-2010-0939

Malware in sbrugna...

EUVD-2021-0132

Malware in sbrugna...

EUVD-2013-0564

Malware in sbrugna...

EUVD-2008-0952

Malware in sbrugna...

EUVD-2008-0953

Malware in sbrugna...

EUVD-2007-3848

Malware in sbrugna...

CVE-2009-2435

The Sametime server in IBM Lotus Instant Messaging and Web Conferencing 6.5.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...

[SECURITY] Fedora 42 Update: matrix-synapse-1.127.1-1.fc42

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

[SECURITY] Fedora 41 Update: matrix-synapse-1.118.0-4.fc41

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

[SECURITY] Fedora 40 Update: matrix-synapse-1.111.1-4.fc40

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

thunderbird: Unsanitized address book fields

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For...