EUVD-2025-34072

Vickey is a Misskey-based microblogging platform. A vulnerability exists in Vickey prior to version 2025.10.0 where unexpired email confirmation links can be reused multiple times to send repeated confirmation emails to a verified email address. Under certain conditions, a verified email address...

CVE-2025-9071 Insecure RSA-OAEP implementation with all-zero seed for padding in Oberon PSA Crypto

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated...

Denial of Service (DoS)

Overview google-protobuf is a Google's data interchange format. Affected versions of this package are vulnerable to Denial of Service DoS when providing inputs containing multiple instances of non-repeated embedded messages, with repeated or unknown fields. The vulnerability exists due to a parsi...

Nanopb Buffer Error Vulnerability

Nanopb is a protocol buffer implementation for microprocessors by the individual developers of Nanopb. A buffer error vulnerability exists in Nanopb version 0.4.4 and versions prior to 0.3.9.7, which stems from the possibility that a decoded message in a particular format may leak memory if dynam...

CVE-2019-5293

Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal...

Vulnerability in JP1/Automatic Job Management System 3

Overview A vulnerability to denial-of-service attacks was found in JP1/Automatic Job Management System 3. Impact Attackers can exploit this vulnerability to cause a denial-of-service attack by sending ill-intended messages repeatedly from a malicious host in the network. Solution Please refer to...