EUVD-2009-0931

Malware in sbrugna...

Security update for go-sendxmpp (moderate)

openSUSE Security Update: Security update for go-sendxmpp Announcement ID: openSUSE-SU-2025:0332-1 Rating: moderate References: 1241814 Cross-References: CVE-2025-22872 CVSS scores: CVE-2025-22872 SUSE: 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L Affected Products: openSUS...

Linux Distros Unpatched Vulnerability : CVE-2021-37601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information list of admins, members, owners, and banned entities of a...

Malicious code in @zalastax/nolb-muc (npm)

The package @zalastax/nolb-muc was found to contain malicious code...

MAL-2025-12423 Malicious code in @zalastax/nolb-muc (npm)

The package @zalastax/nolb-muc was found to contain malicious code...

ejabberd -- mod_muc_occupantid: Fix handling multiple occupant-id

ejabberd team reports: Fixed issue with handling of user provided occupant-id in messages and presences sent to muc room. Server was replacing just first instance of occupant-id with its own version, leaving other ones untouched. That would mean that depending on order in which clients send...

SUSE CVE-2010-0420

libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat MUC room is used, does not properly parse nicknames containing sequences, which allows remote attackers to cause a denial of service application crash via a crafted nickname...

muc-td.com Cross Site Scripting vulnerability OBB-2519479

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Security update for prosody (moderate)

openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:1173-1 Rating: moderate References: 1188976 Cross-References: CVE-2021-37601 CVSS scores: CVE-2021-37601 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP3 ...

Prosodical Thoughts Prosody 安全漏洞

Prosodical Thoughts Prosody is an open source application of Prosodical Thoughts. A modern XMPP communication server. Prosodical Thoughts Prosody is vulnerable to an information disclosure vulnerability that originates in muc.lib.lua in Prosody versions 0.11.0 through 0.11.9, which can be exploit...

PT-2021-21732 · Prosody +1 · Prosody +1

Name of the Vulnerable Software and Affected Versions: Prosody versions 0.11.0 through 0.11.9 Description: The issue allows remote attackers to obtain sensitive information, including the list of admins, members, owners, and banned entities of a Multi-User chat room, in some common configurations...

openSUSE Security Update : prosody (openSUSE-2021-728)

This update for prosody fixes the following issues : prosody was updated to 0.11.9 : Security : - modlimits, prosody.cfg.lua: Enable rate limits by default - certmanager: Disable renegotiation by default - modproxy65: Restrict access to local c2s connections by default - util.startup: Set more...

Security update for prosody (important)

openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:0751-1 Rating: important References: 1186027 Cross-References: CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes four...

Security update for prosody (important)

openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:0728-1 Rating: important References: 1186027 Cross-References: CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 Affected Products: openSUSE Leap 15.2 An update that fixes four vulnerabilities is now...

Fedora 32 : prosody (2020-a48bf86c27)

Prosody 0.11.7 ============== This is a security release for the 0.11.x stable branch. It is strongly recommended that all users upgrade to this release, especially those whose deployments have enabled modwebsocket. As well as upgrading, we recommend all public deployments to review and configure...

openSUSE Security Update : prosody (openSUSE-2019-414)

This update for prosody to version 0.10.2 fixes the following issues : This security issue was fixed : - CVE-2018-10847: Prevent insufficient validation of client-provided parameters during XMPP stream restarts. Authenticated users may have overriden the realm associated with their session,...

Fedora 28 : prosody (2018-18f8c6ce79)

Prosody 0.10.2 ============== See upstream's blog post at https://blog.prosody.im/prosody-0-10-2-security-release/ for a full overview of the release changes. Prosody 0.10.2 fixes a cross-host authentication vulnerability, CVE-2018-10847. The issue affects Prosody instances that have multiple...

openSUSE: Security Advisory for prosody (openSUSE-SU-2018:1632-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : prosody (openSUSE-2018-596)

This update for prosody to version 0.10.2 fixes the following issues : This security issue was fixed : - CVE-2018-10847: Prevent insufficient validation of client-provided parameters during XMPP stream restarts. Authenticated users may have overriden the realm associated with their session,...

Fedora 27 : prosody (2018-455803056d)

Prosody 0.10.2 ============== See upstream's blog post at https://blog.prosody.im/prosody-0-10-2-security-release/ for a full overview of the release changes. Prosody 0.10.2 fixes a cross-host authentication vulnerability, CVE-2018-10847. The issue affects Prosody instances that have multiple...