2 matches found
CVE-2025-59421 Press vulnerable to email flooding to users due to lack of validation and rate limits
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. A bad actor can flood the inbox of a user by repeatedly sending invites duplicate. The issue is fixed in commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615...
The vulnerability of the PJSIP driver of the Asterisk IP-telephony system allows a hacker to trigger a service failure.
The vulnerability of the PJSIP driver of the Asterisk IP-telephony system is related to the improper handling of repeated INVITES after sending a BYE request. Exploiting this vulnerability allows an attacker who operates remotely to cause service failure...