glib: buffer overflow in set_connect_msg()

A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4CONNMSGLEN. This issue may lead to an application crash or other undefined behavior...

CVE-2025-9755

A vulnerability has been found in Khanakag-17 Library Management System up to 60ed174506094dcd166e34904a54288e5d10ff24. This affects an unknown function of the file /index.php. The manipulation of the argument msg leads to cross site scripting. Remote exploitation of the attack is possible. The...

Library Management System 安全漏洞

Library Management System is a library management system with QR code for attendance and automatic generation of library cards by King Albaracin Individual Developer. A security vulnerability exists in Library Management System, which is a result of cross-site scripting due to an incorrect...

PT-2025-35436

Name of the Vulnerable Software and Affected Versions: Khanakag-17 Library Management System affected versions not specified Description: A cross-site scripting issue exists in Khanakag-17 Library Management System. The vulnerability is related to the manipulation of the msg argument of the...

PT-2025-34488 · Dootask · Dootask

Name of the Vulnerable Software and Affected Versions: DooTask version 1.0.51 Description: An authenticated arbitrary file upload issue exists in the /msg/sendfiles component of DooTask version 1.0.51. This allows attackers to execute arbitrary code by uploading a crafted file. Recommendations: A...

CVE-2025-57765 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'pre_cadastro_adotante.php' parameter 'msg_e'

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting XSS vulnerability was identified in the precadastroadotante.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msge parameter. This...

PT-2025-34257 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.7 Description: WeGIA is a Web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability exists in the pre cadastro adotante.php endpoint. Attackers can inject malicious scripts through...

MAL-2025-26839 Malicious code in msg-calendar (npm)

The package msg-calendar was found to contain malicious code...

Malicious code in react-pdd-msg (npm)

The package react-pdd-msg was found to contain malicious code...

Malicious code in msg-calendar (npm)

The package msg-calendar was found to contain malicious code...

MAL-2025-31843 Malicious code in react-pdd-msg (npm)

The package react-pdd-msg was found to contain malicious code...

PT-2025-31762 · Iperf +2 · Iperf +2

Name of the Vulnerable Software and Affected Versions: iperf versions prior to 3.19.1 Description: The software contains a buffer overflow in net.c when the --skip-rx-copy option is used in conjunction with MSG TRUNC during the recv operation. Recommendations: Update to iperf version 3.19.1 or...

Chat System send_message.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter msg in the file /user/sendmessage.php. An attacker can exploit this vulnerability to execute illegal SQL commands...

glib: buffer overflow in set_connect_msg()

A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4CONNMSGLEN. This issue may lead to an application crash or other undefined behavior...

CVE-2025-53824

CVE-2025-53824 concerns WeGIA, an open source web manager. A Reflected XSS exists in the editar_permissoes.php endpoint (pre-3.4.4) via the msg_c parameter. The flaw could allow injection of script code when a user is reflected, with the official fix in version 3.4.4. No exploitation details are ...

CVE-2025-7408

A vulnerability has been found in SourceCodester Zoo Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/templates/animalformtemplate.php. The manipulation of the argument msg leads to cross site scripting. The attack can be initiated...

SourceCodester Zoo Management System 代码注入漏洞

SourceCodester Zoo Management System is a SourceCodester open source zoo management system. A code injection vulnerability exists in SourceCodester Zoo Management System version 1.0, which originates from a cross-site script that can be caused by manipulation of the parameter msg in file...

DEBIAN-CVE-2022-50172

In the Linux kernel, the following vulnerability has been resolved: mt76: mt76x02u: fix possible memory leak in mt76x02umcusendmsg Free the skb if mt76ubulkmsg fails in mt76x02umcusendmsg routine...

UBUNTU-CVE-2022-50172

In the Linux kernel, the following vulnerability has been resolved: mt76: mt76x02u: fix possible memory leak in mt76x02umcusendmsg Free the skb if mt76ubulkmsg fails in mt76x02umcusendmsg routine...

The vulnerability of the msg_process() function in TOTOLINK CA600-PoE router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the msgprocess function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken at the control level during the processing of the URL parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...