25 matches found
UBUNTU-CVE-2026-44545
daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayl...
CVE-2026-44545
daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's WebSocketServerFactory. Because Autobahn defaults both values to 0 (unlimited), an unauthenticated remote attacker could send arbitrarily large WebSocket messages or frames, causing excessive memory...
CVE-2025-62413 MQTTX vulnerable to cross-site scripting via improper message payload rendering
MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting (XSS) vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the MQTTX message viewer. ...
EUVD-2025-5249
Malicious code in bioql PyPI...
EUVD-2024-2795
Malicious code in bioql PyPI...
CVE-2025-21716 vxlan: Fix uninit-value in vxlan_vnifilter_dump()
In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlan_vnifilter_dump() KMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1]. If the length of the netlink message payload is less than sizeof(struct tunnel_msg), vxlan_vnifilter_dump() accesses bytes beyo...
CVE-2024-52324
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands...
Allocation Of Resources Without Limits
Eclipse Vert.x gRPC server is vulnerable to Allocation Of Resources Without Limits. The vulnerability is due to the gRPC server not limiting the maximum length of the message payload, allowing excessively large messages to be processed...
CVE-2024-8391
A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service. Mitigation: Mitigation for this issue is either not available or the currently...
CVE-2024-8391
In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload (Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client). This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...
CVE-2024-8391
CVE-2024-8391 affects Eclipse Vert.x gRPC server components (io.vertx:vertx-grpc-server and vertx-grpc-client) across Vert.x 4.3.0–4.5.9. The underlying issue is an unbounded maximum payload length in the gRPC server, which can lead to memory exhaustion and denial of service. The fix is available...
CVE-2024-8391 Eclipse Vert.x gRPC server does not limit the maximum message size
In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload (Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client). This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an insufficient length of the computed message payload 684...
CVE-2024-29195
The CVE-2024-29195 advisory concerns the azure-c-shared-utility C library used by the Azure IoT C SDK for AMQP/MQTT communication. The described issue is an integer wraparound/under-allocation/heap buffer overflow stemming from vulnerable parameter checking in the buffer length handling, which co...
Memory corruption
Memory corruption when malformed message payload is received from firmware...
CVE-2023-43516 Use of out-of-range pointer offset in Video
Memory corruption when malformed message payload is received from firmware...
CVE-2023-43516
CVE-2023-43516 is a memory-corruption vulnerability affecting Qualcomm chipsets where a malformed firmware message payload can trigger corruption. The CVE is tracked across multiple feeds (NVD, Red Hat, NCSC, etc.) and is categorized with CVSSv3.1 metrics: Local attacker, low privileges required,...
PT-2024-13089 · Qualcomm · Snapdragon +7
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue involves memory corruption that occurs when a malformed message payload is received from firmware. Recommendations: At the moment, there is no information about a newer versio...
CVE-2022-23958
creationtimestamp | type | source
---|---|---
2022-03-03 00:25:17+00:00 | seen | https://t.me/cibsecurity/38324...