CVE-2025-11234

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

CVE-2023-5253

A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be...

PT-2024-1414 · Nozomi Networks +1 · Nozomi Networks Guardian +2

Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian and CMC affected versions not specified Description: A missing authentication check in the WebSocket channel used for the Check Point IoT integration may allow an unauthenticated attacker to obtain assets data without...

SUSE CVE-2016-5261

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR 45.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted packets that trigger incorrect buffer-resize operations durin...

The vulnerability in the io/channel-websock.c component of the QEMU hardware emulation software allows a hacker to induce a system failure.

The vulnerability of the io/channel-websock.c component of the QEMU hardware emulation software is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Firefox browser, which allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the WebSocketChannel class in the Firefox WebSockets subsystem is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code or trigger a service failure memory corruption using specially crafted packets that cause incorrect...

UBUNTU-CVE-2016-5261

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR 45.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted packets that trigger incorrect buffer-resize operations durin...

UBUNTU-CVE-2014-3165

Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigge...