CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

Linux Distros Unpatched Vulnerability : CVE-2019-12951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mongoose before 6.15. The parsemqtt function in mgmqtt.c has a critical heap-based buffer overflow. CVE-2019-12951 Note that Nessus...

CVE-2024-46935

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service DoS. Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser...

Denial Of Service (DoS)

@rocket.chat/message-parser is vulnerable to Denial Of Service DoS. The vulnerability is due to by crafted messages with specific characters crashing the workspace due to an issue in the message parser, allowing an attacker to exploit this weakness...

Denial of service in rocket chat message parser

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service DoS. Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser...

GHSA-6375-PG5J-8WPH Denial of service in rocket chat message parser

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service DoS. Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser...

@rocket.chat/core-typings (>=6.3.0 <=6.3.13), @rocket.chat/rest-typings (>=6.3.0 <=6.3.13) potentially affected by CVE-2024-46935 via @rocket.chat/message-parser (=0.31.24)

@rocket.chat/message-parser NPM version =0.31.24 is affected by a known vulnerability. The following packages have a transitive dependency on @rocket.chat/message-parser and may be impacted: - @rocket.chat/core-typings =6.3.0, =6.3.0, =6.3.13 Source cves: CVE-2024-46935 Source advisory:...

CVE-2024-46935

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service DoS. Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser...

CVE-2024-46935

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service DoS. Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser...

CVE-2024-46935

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service DoS. Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser...

PT-2024-32286 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions 6.12.0 through 6.7.8 and earlier Description: The issue allows attackers to craft messages with specific characters, potentially crashing the workspace due to a problem in the message parser. This can lead to a denial of...

CVE-2024-46935

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8 and earlier are affected by a Denial of Service due to an issue in the message parser that can be triggered by crafted messages. Impact is DoS with workspace crash; no exploitation details are provided in the documents. Affected components a...

CVE-2024-46935

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service DoS. Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser...

AZL-49027 CVE-2024-23185 affecting package dovecot 2.3.20-1

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

CVE-2024-23185

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

CVE-2023-6322 Stack-based buffer overflow in message parser functionality

A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger...

CVE-2023-6322 Stack-based buffer overflow in message parser functionality

A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger...

Malicious code in ok-message-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a80a6a3a1ffdd474bf80a592d152a61ed541b41acd3be180d2c1bd91be1fb7f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

dovecot -- multiple vulnerabilities

Aki Tuomi reports: lib-smtp doesn't handle truncated command parameters properly, resulting in infinite loop taking 100% CPU for the process. This happens for LMTP where it doesn't matter so much and also for submission-login where unauthenticated users can trigger it. Aki also reports: Snippet...

Valve: Unchecked weapon id in WeaponList message parser on client leads to RCE

Let's look at WeaponList message parser code in the HLSDK: cpp int CHudAmmo::MsgFuncWeaponListconst char pszName, int iSize, void pbuf BEGINREAD pbuf, iSize ; WEAPON Weapon; strcpy Weapon.szName, READSTRING ; Weapon.iAmmoType = intREADCHAR; Weapon.iMax1 = READBYTE; if Weapon.iMax1 == 255...