CVE-2025-62175 Mastodon streaming API fails to disconnect disabled and suspended users
Mastodon is a free, open-source social network server based on ActivityPub. In versions before 4.4.6, 4.3.14, and 4.2.27, disabling or suspending a user account does not disconnect the account from the streaming API. This allows disabled or suspended accounts to continue receiving real-time updat...
Path Traversal
github.com/mattermost/mattermost-server is vulnerable to path traversal. The vulnerability is due to improper sanitization of file names, which allows an attacker with file upload permissions to overwrite file attachment thumbnails via file streaming APIs...
Asrmicro ASR1803 and ASR1806 Buffer Error Vulnerability
The Asrmicro ASR1803 and Asrmicro ASR1806 are chips from China's Avantage Technology Asrmicro. A security vulnerability exists in the Asrmicro ASR1803 and ASR1806, which is caused by a memory corruption in the IMS when calling the VoLTE streaming interface...
PT-2023-31301 · Asr +1 · Falcon +2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a memory corruption problem in the IMS (IP Multimedia Subsystem) when calling the VoLTE (Voice over LTE) streaming media interface. No...
UBUNTU-CVE-2020-8927
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...