11 matches found

Github Security Blog
added 2026/03/10 9:4 p.m., 8 views

Elysia has a string URL format ReDoS

Impact: t.String format: 'url' is vulnerable to ReDoS. Repeating a partial url format (protocol and hostname) multiple times causes the regex to slow down significantly: 'http://a'.repeat(n). Here's a table demonstrating how long it takes to process repeated partial url format | n repeat | elapsedms | | --...

CVSS 7.5, AI score 5.8, EPSS 0.00494
Exploits 1, References 4, Affected Software 1
OSV
added 2026/01/16 11:59 a.m., 5 views

OESA-2026-1110 libpcap security update

This is the official web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture. Security Fixes: pcap_ether_aton() is an auxiliary function in libpcap; it takes a string argument and returns a fixed-size allocated buffer. The string...

CVSS 1.9, AI score 6.7, EPSS 0.00098
Exploits 0, References 2
OSV
added 2025/12/31 1:15 a.m., 6 views

AZL-73344 CVE-2025-11961 affecting package nmap for versions less than 7.95-3

pcap_ether_aton() is an auxiliary function in libpcap; it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function...

CVSS 1.9, AI score 5.6, EPSS 0.00098
Exploits 0, References 1
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2006-5530

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01975
Exploits 0, References 8
Microsoft CVE
added 2024/12/03 8:0 a.m., 1 views

Improper validation of IPv6 and IPvFuture addresses

...

CVSS 6.3, AI score 6.7, EPSS 0.0067
Exploits 0
BDU FSTEC
added 2023/02/10 12:0 a.m., 5 views

The vulnerability of the GENERAL_NAME_cmp function in the OpenSSL library, which allows a hacker to trigger a denial-of-service attack

The vulnerability of the GENERAL_NAME_cmp function in the OpenSSL library is related to the lack of a mechanism for data type conversion during the processing of x400 addresses. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

CVSS 7.4, AI score 7, EPSS 0.59501
Exploits 0, References 26, Affected Software 25
RedHat Linux
added 2019/09/03 12:27 a.m., 2 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

CVSS 5.8, AI score 7.3, EPSS 0.02296
Exploits 0, References 4
RedHat Linux
added 2019/09/02 7:46 a.m., 4 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

CVSS 5.8, AI score 7.3, EPSS 0.02296
Exploits 0, References 4
RedHat Linux
added 2019/07/22 12:58 p.m., 5 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

CVSS 5.8, AI score 7.3, EPSS 0.02296
Exploits 0, References 4
Veracode
added 2017/11/14 8:11 a.m., 26 views

Server-Side Request Forgery (SSRF)

private_address_check is vulnerable to server-side request forgery (SSRF) attacks. A malicious user can bypass the SSRF filter by passing a valid IP address of a different format. This is related to the OS-dependent Resolv.getaddresses within Ruby itself...

CVSS 8.1, AI score 7.9, EPSS 0.02415
Exploits 0, References 5, Affected Software 1
securityvulns
added 2002/07/13 12:0 a.m., 40 views

Mail relaying via IIS SMTP service

Unauthorized mail relaying when using a special address format...

AI score 2.4
Exploits 0, References 1, Affected Software 1