438 matches found
PT-2023-10571 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: The issue concerns buffer overflow vulnerabilities in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow,...
CVE-2017-20106
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument upload_url leads to server-side request forgery. The attack needs to be approached...
Server side request forgery (ssrf)
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument upload_url leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106
The CVE-2017-20106 entry concerns Lithium Forum 2017 Q1. A server-side request forgery (SSRF) vulnerability arises from manipulating the upload_url argument in the Compose Message Handler component. The attack requires local access, and public exploits have been disclosed. Documented impact indic...
CVE-2017-20106 Lithium Forum Compose Message server-side request forgery
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument upload_url leads to server-side request forgery. The attack needs to be approached...
CVE-2019-25069
A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely...
CVE-2019-25069 Axios Italia Axios RE Error Message ASP.NET information disclosure
A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely...
Axios Italia Axios RE Information Disclosure Vulnerability
Axios Italia Axios RE is a suite of electronic enrollment software for campus management. A security vulnerability exists in Axios Italia Axios RE 1.7.0/7.0.0 that originates from a problem with the component error message handler. An attacker can exploit the vulnerability to obtain sensitive...
PT-2025-53989
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A flaw exists in the Linux kernel’s ath11k module related to the initialization of the qmi_msg_handler data structure. Specifically, the qmi_msg_handler requires null termination by the...
Brave Software: Universal XSS with Playlist feature
A Universal XSS vulnerability was discovered in Brave iOS versions 1.32.3 and higher. The vulnerability was caused by three weaknesses, including the exposure of UserScriptManager.securityToken and UserScriptManager.messageHandlerToken, as well as a UXSS vulnerability in PlaylistHelper through...
PT-2021-8141 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.18.0.x86 64 46 and 47 Description: The vulnerability in the Linux kernel is related to a use-after-free (UAF) issue when uninstalling the ipmi_si and ipmi_msghandler modules. This can cause the system to crash. The issue...
Privilege Escalation
Firefox is vulnerable to privilege escalation. The vulnerability exists due to the unknown processing of the component Text Message Handler...
Cisco Firepower Threat Defense Denial of Service Vulnerability (CNVD-2021-50578)
Cisco Firepower Threat Defense (FTD) is unified software that provides next-generation firewall services. A denial-of-service vulnerability exists in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense, which can be exploited by an attacker to cause a process crash by sendi...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43446)
Cisco IOS XE is a modular operating system based on the Linux kernel, developed by Cisco for its network equipment. A denial of service vulnerability exists in the DHCP message handler of the Cisco IOS XE used by the Cisco cBR-8 Converged Broadband Router, which can be exploited by an attacker ...
CVE-2020-3509
A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient erro...
CVE-2020-3509
CVE-2020-3509 affects Cisco IOS XE with the cBR-8 Converged Broadband Router. The root cause is insufficient error handling while parsing DHCPv4 messages in the DHCP message handler, allowing an unauthenticated, remote attacker to crash the supervisor and cause a DoS via a malicious DHCPv4 packet...
CVE-2019-11859
A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4325-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4325-1 advisory. It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local...
USN-4325-1: Linux kernel vulnerabilities
It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19046) Al Viro discovered that the vfs layer in the Linux...