GHSA-QR9H-X63W-VQFM OpenMLS improper persistence of the secret tree during message processing

Summary A bug in the OpenMLS library prevented private key material from being updated in storage during message processing. The key material in question are the keys stored in the MLS secret tree, which are used for decryption of private MLS messages. The effects of the bug are limited in scope,...

OpenMLS improper persistence of the secret tree during message processing

Summary A bug in the OpenMLS library prevented private key material from being updated in storage during message processing. The key material in question are the keys stored in the MLS secret tree, which are used for decryption of private MLS messages. The effects of the bug are limited in scope,...

CVE-2025-27077

Memory corruption while processing message in guest VM...

CVE-2025-27077

CVE-2025-27077 pertains to memory corruption in Qualcomm chipsets when processing messages in a guest VM. The vulnerability affects the guest/VMM interaction, with the underlying cause described as memory corruption during message handling inside the VM. CVSS 3.1 vector indicates Local attack vec...

PT-2025-39276

Name of the Vulnerable Software and Affected Versions versions prior to 2025-27077 Description A memory corruption issue exists when processing messages within a guest virtual machine. The issue may lead to unpredictable behavior or system compromise. Recommendations At the moment, there is no...

CVE-2025-27051

CVE-2025-27051 affects Qualcomm WLAN Host memory handling, with memory corruption occurring while processing a command message. The CVSS 3.1 vector (Local attack, Low complexity, Low privileges, no user interaction) yields a base score of 7.8 (High impact for confidentiality, integrity, and avail...

webkitgtk: Processing a maliciously crafted mail message may lead to running arbitrary javascript

A vulnerability was found in WebKitGTK. The vulnerability exists due to improper input validation in WebKit when processing email messages. This flaw allows a remote attacker to trick the victim into opening a specially crafted email message and execute arbitrary JavaScript code...

CVE-2023-28907

There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3...

CVE-2023-28907

There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3...

PT-2025-27311 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment affected versions not specified Description: The issue is related to the lack of memory isolation between CPU cores of the MIB3 infotainment, allowing an attacker with access to the main operating system to compromise the CP...

CVE-2025-20152

A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain RADIUS requests. An attacker...

CVE-2024-27800

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a maliciously crafted message may lead to a...

CVE-2024-34057

Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service...

CVE-2023-28513

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397...

CVE-2022-30551

OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources...

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol XMPP message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...

CVE-2020-3673

u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2020-9096

HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160C00E160R2P8 have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause...

CVE-2020-1901

Receiving a large text message containing URLs in WhatsApp for iOS prior to v2.20.91.4 could have caused the application to freeze while processing the message...

CVE-2019-14012

Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8905,...