PT-2026-41968

Summary The Mailpit SMTP server has a Server.MaxSize int field that controls the maximum allowed DATA payload size, but the field is never assigned anywhere outside test code, leaving it at Go's zero value 0 ⇒ "no limit". The same applies to the HTTP /api/v1/send endpoint, whose request body is...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986356)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986356 advisory. In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msg.len to CECMAXMSGSIZE I expect that the hardware will have limited this t...

Moderate: Red Hat Security Advisory: JBoss EAP XP 5.0 Update 1.0 release. See references for release notes.

JBoss EAP XP 5.0 Update 1.0 release. See references for release notes. JBoss EAP XP 5.0 Update 1.0 GA release. See references for release notes. Security Fixes: io.vertx/vertx-grpc: Vertx gRPC server does not limit the maximum message size CVE-2024-8391 For more details about the security issues,...

io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size

A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service...

CVE-2024-8391 Eclipse Vert.x gRPC server does not limit the maximum message size

In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client. This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...

UBUNTU-CVE-2023-46120

The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. maxBodyLebgth was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may...

Denial Of Service (DoS)

amqp-client is vulnerable to Denial Of Service DoS. The vulnerability exists because the library does not incorporate the maximum inbound message size into the ConnectionFactory. As a result, an attacker can potentially cause an application crash by sending excessively large messages, leading to ...

Unable to create MCS machine catalog due to large number of Provisioning Tasks

In rare cases, MCS machine catalog may fail to create with the following error -- Action Name: MCCreateMachineCatalogInitialzation Exception: DesktopStudioErrorId : UnknownError ErrorCategory : ResourceUnavailable DesktopStudioPowerShellHistory : Create Machine Catalog 'XXXXXXX' On analyzing the...

CVE-2020-27217

In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link establishment. While the AMQP...

Virtual Desktops 7.15 CU3 - On Studio - Machine catalogs, keeps spinning for long time and never displays the list of the machines.

Virtual Desktops 7.15 CU3 - On Studio - Machine catalogs, keeps spinning for long time and never displays the list of the machines. As per the CDF logs uploaded, there found exceptions related to communication for Get-ProvTask execution. 261057,0,2019/03/18 13:19:16:45184,6716,2288,1,Xendesktop...

OpenBSD DHCP server buffer overflow

Integer overflow with "maximum message size" option leads to buffer overflow...