GHSA-274Q-79Q9-52J7 Character injection in Hubble CLI
Impact: A network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output. This could be leveraged to conceal log entries, rewrite output, or even make the terminal temporarily unusable. Exploitatio...
CVE-2025-48056
Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output...
CVE-2025-48056
CVE-2025-48056 affects the Hubble CLI before v1.17.2. A network attacker could inject malicious control characters into Hubble CLI terminal output, potentially compromising integrity and making it possible to conceal log entries, rewrite output, or make the terminal temporarily unusable. Exploitatio...
USN-7509-1: .NET vulnerability
It was discovered that .NET did not properly handle file names and paths under certain conditions. An attacker could possibly use this issue to perform spoofing over a network...
CVE-2025-29968
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network...
CVE-2025-29967
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network...
CVE-2025-29971
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network...
CVE-2025-29963
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network...
CVE-2025-29962
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network...
CVE-2025-29956
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network...
CVE-2025-29835
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network...
CVE-2025-29956
Technical details (affected components, vulnerable versions, exploitability, and remediation) are not provided in the supplied documents. Monitor for updates from official advisories and vendor advisories for CVE-2025-29956.
Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2025-2850)
The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.452.b09-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2850 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product ...
CVE-2025-4446
A vulnerability has been found in H3C GR-5400AX up to 100R008 and classified as critical. This vulnerability affects the function EditListSSID of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack needs to be approached within the local network...
CVE-2025-33074
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
CVE-2025-24206
An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication polic...
CVE-2025-24270
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information...
CVE-2025-30422
A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination...
CVE-2025-30422
A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...
CVE-2025-30422
CVE-2025-30422 is a buffer overflow vulnerability in Apple’s AirPlay ecosystem (AirPlay audio SDK, AirPlay video SDK, and CarPlay Communication Plug-in). The issue, which stems from improper input handling, could allow an attacker on the same local network to trigger an unexpected application termina...