CVE-2026-46177

In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said it was done. To avoid issues with BMCs that never say they are done, add a limit of 10 fetches at a...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of restrictions on IPMI events and the reception of message requests. This vulnerability could...

EUVD-2021-27309

Malware in sbrugna...

UBUNTU-CVE-2025-47779

Asterisk is an open-source private branch exchange PBX. Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, SIP requests of the type MESSAGE RFC 3428 authentication do not get proper alignment. An authenticated attacker...

Asterisk 安全漏洞

Asterisk is an Asterisk open source software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk has a security vulnerability that stems from improper authentication of SIP MESSAGE requests, which could lead to identity forgery and spamming...

Apache Johnzon 代码问题漏洞

Apache Johnzon is the United States Apache Apache company provides a JsonProcessing aka JSR-353 implementation of the project. A denial of service vulnerability exists in Apache Johnzon versions prior to 1.2.21, which stems from the program mishandling a large number of message requests and can b...

NETGEAR RAX30 Denial of Service Vulnerability

The NETGEAR RAX30 is a dual-band wireless router from NETGEAR. The NETGEAR RAX30 suffers from a denial of service vulnerability that stems from mishandling a large number of message requests, which can be exploited by an attacker to pass through a file large enough to cause the device to run out ...

OPC UA Legacy Java Stack Denial of Service Vulnerability

OPC UA Legacy Java Stack is a legacy support for the Java version of OPC UA from the OPC Foundation in the U.S. A denial of service vulnerability exists in OPC UA Legacy Java Stack version 2022-04-01, which stems from improper handling of a large number of message requests, and could be exploited...

OPC UA Legacy Java Stack 资源管理错误漏洞

OPC UA Legacy Java Stack is a legacy support for the Java version of OPC UA from the OPC Foundation in the U.S. A denial of service vulnerability exists in OPC UA Legacy Java Stack version 2022-04-01, which stems from improper handling of a large number of message requests, and could be exploited...

IBM DataPower Gateway 资源管理错误漏洞

IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates, and optimizes access across channel...

PHPSHE denial of service vulnerability

PHPSHE is a set of online shopping mall system of Lingbao Jane Good Network Technology Co. The system supports express tracking, online chat, order evaluation and statistics and other functions. A denial-of-service vulnerability exists in PHPSHE version V1.8, which originates from mishandling a...

GitLab Denial of Service Vulnerability (CNVD-2022-25197)

GitLab is an open source, end-to-end software development platform from the U.S. company GitLab, with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A denial of service vulnerability exists in GitLab CE/EE versions...

GitLab 资源管理错误漏洞

GitLab is an open source, end-to-end software development platform from the U.S. company GitLab, with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A denial of service vulnerability exists in GitLab CE/EE versions...

ALPINE-CVE-2021-37624

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message...

Race condition

A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to improper handling of large series of message requests. An attacker could exploit this vulnerability...

Cisco Meeting Server资源管理错误漏洞

Cisco Meeting Server Acano Conferencing Server is a suite of audio and video conferencing server software from Cisco. Cisco Meeting Server suffers from a resource management error vulnerability that originates from mishandling a large number of message requests. An attacker could exploit this...

CVE-2014-8487

Kony Management aka Enterprise Mobile Management or EMM 1.2 and earlier allows remote authenticated users to read 1 arbitrary messages via the messageId parameter to selfservice/managedevice/getMessageBody or 2 requests via the requestId parameter to selfservice/devicemgmt/getDeviceInfoTab.htm...