CVE-2025-11234

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

CVE-2023-5253

A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be...

PT-2024-1414 · Nozomi Networks +1 · Nozomi Networks Guardian +2

Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian and CMC affected versions not specified Description: A missing authentication check in the WebSocket channel used for the Check Point IoT integration may allow an unauthenticated attacker to obtain assets data without...

SUSE CVE-2016-5261

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR 45.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted packets that trigger incorrect buffer-resize operations durin...

UBUNTU-CVE-2016-5261

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR 45.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted packets that trigger incorrect buffer-resize operations durin...

UBUNTU-CVE-2014-3165

Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigge...