CVE-2026-6242

An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacker may inject crafted format strings into event subscription requests or notification generation pa...

mistune 跨站脚本漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of Python format strings to insert id and text values into tags without proper HTML escapin...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters We have added validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes caused by malformed format strings...

cybersec-hw1

cybersec-hw1 Homework 1 for Introduction to Computer Securi...

binary-exploitation-writeups

Binary Exploitation Writeups A collection of pwn challenges c...

PT-2026-27353

An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial‑of‑service DoS condition...

SUSE CVE-2025-68816

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

AZL-74430 CVE-2025-68816 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

CVE-2025-68816

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

UBUNTU-CVE-2025-68816

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

CVE-2025-68816 net/mlx5: fw_tracer, Validate format string parameters

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

CVE-2025-68816 net/mlx5: fw_tracer, Validate format string parameters

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

PT-2026-2548

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s networking subsystem, specifically the mlx5 firmware tracer, contained a flaw where format string parameters were not properly validated. This allowed potentially...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unvalidated format string parameters from the firmware, which could result in a crash or undefined behavior...

CVE-2022-31753

The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...

[SECURITY] Fedora 43 Update: rust-interpolator-0.5.0-3.fc43

Runtime format strings, fully compatible with std's macros...

[SECURITY] Fedora 42 Update: rust-interpolator-0.5.0-3.fc42

Runtime format strings, fully compatible with std's macros...

[SECURITY] Fedora 41 Update: rust-interpolator-0.5.0-3.fc41

Runtime format strings, fully compatible with std's macros...

OESA-2025-2613 perl-Spreadsheet-ParseExcel security update

The Spreadsheet::ParseExcel module can be used to read information from an Excel 95-2003 file. Security Fixes: Spreadsheet::ParseExcel version 0.65, a Perl module for parsing Excel files, is vulnerable to arbitrary code execution ACE due to passing unvalidated input from a file into a string-type...

OESA-2025-2508 perl-Spreadsheet-ParseExcel security update

The Spreadsheet::ParseExcel module can be used to read information from an Excel 95-2003 file. Security Fixes: Spreadsheet::ParseExcel version 0.65, a Perl module for parsing Excel files, is vulnerable to arbitrary code execution ACE due to passing unvalidated input from a file into a string-type...