CVE-2026-25602

Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: enhanced error handling for tightly received RTS messages in xtprxrtssessionnew This patch improves error handling in scenarios where RTS Request to Send messages arrive frequently. It replaces the less informati...

PolarLearn 访问控制错误漏洞

PolarLearn is an online learning platform developed by PolarNL. Versions of PolarLearn prior to 0-PRERELEASE-16 contain access control vulnerability issues. This vulnerability stems from the use of WebSocket in group chats without the need for login, which may allow unverified clients to subscrib...

PT-2025-30872

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc6-syzkaller-00346-g5723cc3450bc Description A NULL pointer dereference issue exists in the vcc sendmsg function within the Linux kernel's atm subsystem. This occurs because atmarpd dev ops does not...

WordPress plugin Private Messages 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Private Messages plugin 2.1.10 and earlier versions are vulnerable to cross-site request...

CVE-2021-24997

The WP Guppy WordPress plugin before 1.3 does not have any authorisation in some of the REST API endpoints, allowing any user to call them and could lead to sensitive information disclosure, such as usernames and chats between users, as well as be able to send messages as an arbitrary user...

Zulip 访问控制错误漏洞

Zulip server is an open source team chat application from the American company Zulip. An Access Control Error vulnerability exists in versions of Zulip Server prior to 3.4, which results in a user with this privilege being able to send messages. No details of the vulnerability are provided at thi...

CVE-2016-11046

An issue was discovered on Samsung mobile devices with JBP4.3, KK4.4, and L5.0/5.1 software. Because of a misused whitelist, attackers can reach the radio layer aka RIL or RILD to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 May 2016...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...

IPhone TreasonSMS & WifiSMS - Multiple Web Vulnerabilities

Document Title: =============== IPhone TreasonSMS & WifiSMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=154 Release Date: ============= 2012-04-22 Vulnerability Laboratory ID VL-ID: ====================================...