CLSA-2026-1778170790 quagga: Fix of CVE-2018-5381

CVE-2018-5381: bgpd capability parser can enter an infinite loop on invalid OPEN messages whose Multi-Protocol capability has an unrecognized AFI/SAFI, causing a denial of service...

CVE-2026-33281

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing NGAP messages with invalid PDU Session IDs outside of 1-15. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected...

CVE-2026-33281 Ella Core panics on invalid PDU Session IDs in NGAP messages

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing NGAP messages with invalid PDU Session IDs outside of 1-15. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected...

EUVD-2020-12500

Malware in sbrugna...

EUVD-2009-1756

Malware in sbrugna...

EUVD-2007-5263

Malware in sbrugna...

EUVD-2023-1039

Malicious code in bioql PyPI...

EUVD-2022-36348

Malicious code in bioql PyPI...

CVE-2020-6881

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device...

CVE-2022-33305

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which stems from the NPU firmware being able to send invalid Inter-Process Communication IPC messages to the NPU driver without the driver validating the IPC messages...

CVE-2024-51750 Element allows a malicious homeserver can modify events leading to unrenderable events or rooms

Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85...

CVE-2024-51750 Element allows a malicious homeserver can modify events leading to unrenderable events or rooms

Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85...

Element 安全漏洞

Element is a Matrix web collaboration client from Element Open Source. A security vulnerability exists in Element versions prior to 1.11.85, which originates from a malicious master server that sends invalid messages...

USN-6372-1 dbus vulnerability

It was discovered that DBus incorrectly handled certain invalid messages. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service...

CVE-2023-20233

A vulnerability in the Connectivity Fault Management CFM feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect processing of invalid continuity check messages CCMs. ...

SUSE CVE-2023-24535

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

CVE-2023-24535

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

CVE-2023-24535

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

CVE-2023-24535

CVE-2023-24535 is a vulnerability in the Go protobuf handling in google.golang.org/protobuf where parsing a text-format message containing a minus sign, whitespace, and no further input can cause a panic. The issue is described across multiple sources (OSV and NVD entries) with the same descripti...