EUVD-2018-13769

Malware in sbrugna...

EUVD-2010-0808

Malware in sbrugna...

EUVD-2018-13771

Malware in sbrugna...

EUVD-2012-2193

Malware in sbrugna...

CVE-2018-21256

An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions for group-message channel creation via the Group message slash command...

Humming Heads Defense Platform 安全漏洞

Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A security vulnerability exists in Humming Heads Defense Platform 3.9.51.x and prior versions that stems from an unprotected Windows message channel issue that could allow an attacker to execute arbitrary code...

DEBIAN-CVE-2020-11020

Faye NPM, RubyGem versions greater than 0.5.0 and before 1.0.4, 1.1.3 and 1.2.5, has the potential for authentication bypass in the extension system. The vulnerability allows any client to bypass checks put in place by server-side extensions, by appending extra segments to the message channel. It...

Authentication and extension bypass in Faye

On 20 April 2020 it was reported to me that the potential for authentication bypass exists in Faye1's extension system. This vulnerability has existed in the Node.js and Ruby versions of the server since version 0.5.0, when extensions were first introduced, in July 2010. It is patched in versions...

SUSE SLED12 / SLES12 Security Update : libssh2_org (SUSE-SU-2019:0655-1)

This update for libssh2org fixes the following issues : Security issues fixed : CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets bsc1128490. CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet bsc1128492...

SUSE SLES11 Security Update : libssh2_org (SUSE-SU-2019:13982-1)

This update for libssh2org fixes the following issues : Security issues fixed : CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets bsc1128490. CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet bsc1128492...

CVE-2018-1041

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop...

Red Hat JBoss Enterprise Application Platform RemoteMessageChannel Buffer Read Vulnerability

The Red Hat JBoss Enterprise Application Platform JBoss EAP is a subscription-based, open source Java EE application server runtime platform for building, deploying and hosting highly transactional Java applications and services. An empty buffer read error vulnerability exists in...

jboss-remoting: High CPU Denial of Service

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop...

jboss-remoting: High CPU Denial of Service

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop...

Tor: Crashes/Buffer at 0x2C0086,name=PBrowser::Msg_Destroy

Hi Team, Steps to Reproduce: 1. Open Tor 2. Navigate to string.html Where string.html : function tor var uristring = unescape"%u4141%u4141"; fori=0; i 3. 'Gah! This tab has crashed. However, running it to debug mode generates the below exception : !!! ParentMessageChannel Error:...

Type confusion

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution...

IBM WebSphere MQ MQI Call Target Channel Agent Crash Vulnerability

IBM WebSphere MQ is a solution for providing messaging services in the enterprise. A security vulnerability exists in IBM WebSphere MQ that allows a remote user to send a special MQI call to crash the target channel agent, stopping processing on other channels running under the same MCA...

Code injection

The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service invalid address alignment exception and daemon crash via vectors involving a multiplexed channel...

CVE-2012-2199

The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service invalid address alignment exception and daemon crash via vectors involving a multiplexed channel...