55 matches found
CVE-2026-22868
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shut down/crash using a specially crafted message. This vulnerability is fixed in 1.16.8...
ROS-20240826-17
Vulnerability in the DecodeConfig component of the Golang programming language is related to uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. Vulnerability of...
CVE-2024-6793
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions...
CVE-2024-6793 Deserialization of Untrusted Data in NI VeriStand DataLogging Server
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions...
CVE-2024-6793
CVE-2024-6793 describes a deserialization of untrusted data vulnerability in NI VeriStand DataLogging Server that can lead to remote code execution. Affected: NI VeriStand up to and including 2024 Q2 (prior versions). Exploitation requires a specially crafted message; in ZDI, authentication is no...
RHEL 6 : libssh2 (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libssh2: Out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - A...
CVE-2024-6407
CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials when a specially crafted message is sent to the device...
CVE-2024-6407
CVE-2024-6407 affects Schneider Electric Wiser Home Controller WHC-5918A. The vulnerability is an Information Exposure issue that could disclose credentials when a specially crafted message is sent to the device. Reported as CWE-200; CVSS metrics indicate network-exposed impact with high confiden...
CVE-2022-1941
A parsing vulnerability for the MessageSet type in the ProtocolBuffers can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input...
CVE-2023-6322 Stack-based buffer overflow in message parser functionality
A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger...
CVE-2024-1914
An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible. The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific condition when specially...
CVE-2024-1914
CVE-2024-1914 affects ABB RobotWare components (IRC5 and OmniCore) with vulnerable RobotWare 6.x < 6.15.06 (except 6.10.10 and 6.13.07) and RobotWare 7.x
CVE-2024-1913
An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible, or execute arbitrary code. The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific...
squid: Denial of Service in HTTP Chunked Decoding
A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...
CVE-2023-5407
Controller denial of service due to improper handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning...
CVE-2023-5405
Server information leak for the CDA Server process memory can occur when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning...
CVE-2023-5405
CVE-2023-5405 affects Honeywell Experion PKS/LX/PlantCruise by Experion and Safety Manager/Safety Manager SC. A memory information leak in the CDA Server process occurs when an error response is generated to a specially crafted message, with the root cause described in the advisory as an out-of-b...
Mattermost Cross-Site Request Forgery Vulnerability (CNVD-2024-09864)
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a cross-site request forgery vulnerability that stems from the Jira plugin's inability to prevent logout CSRF, which can be exploited by an attacker to post a specially crafted...
CVE-2024-23319
Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message...
Stack overflow
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 at a high rate, causing the targeted RTU500 CMU to...