Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from information disclosure in the WLAN HAL when processing WMI status message commands...

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol XMPP message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...

Design/Logic Flaw

A vulnerability in the Extensible Messaging and Presence Protocol XMPP message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol XMPP message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...

CVE-2022-20917

CVE-2022-20917 describes a vulnerability in the XMPP message processing feature of Cisco Jabber. The issue arises from improper handling of nested XMPP messages in requests, enabling an authenticated, remote attacker to manipulate the content of XMPP messages used by the Jabber client and potenti...

Code injection

Processing an incomplete post-handshake message for a QUIC connection can cause a panic...

Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform

Cisco has released security fixes to address multiple security flaws, including a critical bug, that could be exploited by a threat actor to take control of an affected system or cause a denial-of service DoS condition. The most severe of the issues is CVE-2023-20238, which has the maximum CVSS...

CVE-2023-28513

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397...

PT-2023-21771 · Ibm · Ibm Mq Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.0 LTS through 9.3 LTS IBM MQ versions 9.2 CD through 9.3 CD IBM MQ Appliance versions 9.2 LTS through 9.3 LTS IBM MQ Appliance versions 9.2 CD through 9.2 LTS Description: The issue is caused by an error processing messages,...

IBM MQ Denial of Service (7007421)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7007421 advisory. - A denial of service DoS vulnerability exists in IBM MQ due to improper message processing. An unauthenticated, remote attacker can exploit this issue, via specially...

CVE-2022-36059 Prototype pollution in matrix-js-sdk

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...

Memory corruption

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg...

UBUNTU-CVE-2023-0616

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this...

CVE-2021-43529

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...

CVE-2021-43529

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...

SUSE CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...

CVE-2022-31741

A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

CVE-2022-27625

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band OOB Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology...

ALPINE-CVE-2022-42011

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. Bitdefender GravityZone...