
30 matches found

NVD
added 6 days ago · 9 views

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVSS 7.5 · EPSS 0.00038
Exploits: 0 · References: 3

EUVD
added 2026/05/27 3:33 p.m. · 9 views

EUVD-2026-32214

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...

AI score 5.8 · EPSS 0.00024
Exploits: 0 · References: 3

RedHat Linux
added 2026/05/26 4:7 a.m. · 5 views

freeipmi: buffer overflows on response messages via ipmi-oem

A flaw was found in FreeIPMI. The ipmi-oem program is used to send Intelligent Platform Management Interface (IPMI) OEM commands for specific hardware vendors to retrieve specific information from the hardware. A malicious server can reply with crafted response messages and cause buffer overflows...

CVSS 7.5 · AI score 5.9 · EPSS 0.00067
Exploits: 0 · References: 8

OSV
added 2026/05/26 12:0 a.m. · 6 views

ALSA-2026:20579 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface (IPMI) remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem (CVE-2026-33554). For more details about the security issues,...

CVSS 7.5 · AI score 6 · EPSS 0.00067
Exploits: 0 · References: 4

AlmaLinux
added 2026/05/26 12:0 a.m. · 8 views

Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface (IPMI) remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem (CVE-2026-33554). For more details about the security issues,...

CVSS 7.5 · AI score 6 · EPSS 0.00067
Exploits: 0 · References: 4

Malwarebytes
added 2026/05/05 11:39 a.m. · 7 views

Update WhatsApp now: Two new flaws could expose you to malicious files

Meta has published a new security advisory for messaging app WhatsApp, announcing patches for two vulnerabilities. WhatsApp has fixed two security flaws that could be abused to interfere with how media and attachments are handled on your device. There is no evidence that either bug has been...

CVSS 6.5 · AI score 5.5 · EPSS 0.00012
Exploits: 0

ATTACKERKB
added 2026/03/24 12:0 a.m. · 2 views

CVE-2026-33554

ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVSS 7.5 · AI score 6 · EPSS 0.00067
Exploits: 0 · References: 5 · Affected Software: 1

Cvelist
added 2026/02/19 7:15 p.m. · 20 views

CVE-2026-26193 Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, manually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...

CVSS 7.3 · EPSS 0.00043
Exploits: 1 · References: 2

Vulnrichment
added 2026/02/19 7:15 p.m. · 4 views

CVE-2026-26193 Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, manually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...

CVSS 7.3 · AI score 5.5 · EPSS 0.00043
Exploits: 1 · References: 2

EUVD
added 2025/12/31 12:31 a.m. · 1 views

EUVD-2022-55927

H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the 'txtUsrName' POST parameter. Attackers can submit different usernames to the loginsubmit.cgi endpoint and analyze response messages to distinguish between existing and non-existing...

CVSS 7.5 · AI score 6.3 · EPSS 0.00035
Exploits: 1 · References: 5

RedhatCVE
added 2025/11/19 2:10 p.m. · 2 views

CVE-2025-55179

Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We have not seen...

CVSS 5.4 · AI score 6.7 · EPSS 0.00031
Exploits: 0 · References: 1

EUVD
added 2025/11/18 3:30 p.m. · 5 views

EUVD-2025-197992

Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We have not seen...

CVSS 5.4 · AI score 6.2 · EPSS 0.00031
Exploits: 0 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2016-10549

Malware in sbrugna...

CVSS 4.3 · AI score 4.8 · EPSS 0.00179
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-46985

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 5.7 · EPSS 0.00165
Exploits: 1 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-57827

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 5.7 · EPSS 0.0022
Exploits: 0 · References: 1

Positive Technologies
added 2023/11/17 12:0 a.m. · 3 views

PT-2023-30673 · Kodbox · Kodbox

Name of the Vulnerable Software and Affected Versions: kodbox version 1.46.01 Description: The issue allows user enumeration, which is present on the login page. An attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack...

CVSS 9.8 · AI score 9.2 · EPSS 0.00391
Exploits: 1 · References: 4

CNNVD
added 2023/07/04 12:0 a.m. · 4 views

Qualcomm Chipsets Buffer Error Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption issue when parsing QMI firmware response messages...

CVSS 7.8 · AI score 7.4 · EPSS 0.00061
Exploits: 0 · References: 3

OSV
added 2022/10/30 12:15 a.m. · 11 views

CVE-2022-44023

PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by leveraging response messages for authentication attempts...

CVSS 5.3 · AI score 7.2 · EPSS 0.00165
Exploits: 1 · References: 2

RedhatCVE
added 2021/05/19 4:35 p.m. · 53 views

CVE-2021-28662

An input validation flaw was found in Squid. This issue could allow a remote server to perform a denial of service against all clients using the proxy when delivering HTTP response messages. The highest threat from this vulnerability is to system availability. Mitigation Mitigation for this issue...

CVSS 6.5 · AI score 0.2 · EPSS 0.1363
Exploits: 0 · References: 4

Kitploit
added 2021/02/23 8:30 p.m. · 45 views

HaE - BurpSuite Highlighter And Extractor

HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. Read Chinese simplified version READMEzh. Public Rules Website: https://gh0st.cn/HaE/ Introduction HaE is used to highlight HTTP requests and extract information from HTTP response...

AI score 7
Exploits: 0 · References: 2