CVE-2025-11961

A flaw was found in libpcap. The pcapetheraton function, which processes MAC-48 addresses, does not properly validate input strings. An application that calls this function with a malformed address string can cause the function to read or write data beyond its intended memory boundaries. This can...

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2025-1275)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1275 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

AZL-64550 CVE-2025-38111 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed ...

UBUNTU-CVE-2024-22262

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

Obsidian 安全漏洞

Plesk Obsidian is a hosting control panel from the Swiss company Plesk. Obsidian suffers from a security vulnerability that stems from not requiring the user to validate a non-http https url...

KLA10601 Multiple vulnerabilities in Microsoft products

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1...