
8 matches found

Cvelist
added 2026/03/16 1:27 p.m. | 22 views

CVE-2025-10461 Global file reads caused by improper URL checks in webserver

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42; smartLink SW-PN: through 1.03...

CVSS 5.3 | EPSS 0.00369
Exploits 0 | References 2

Positive Technologies
added 2026/03/16 12:0 a.m. | 5 views

PT-2026-25710

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42; smartLink SW-PN: through 1.03...

CVSS 5.3 | AI score 5.8 | EPSS 0.00369
Exploits 0 | References 3

Github Security Blog
added 2026/02/03 7:15 p.m. | 7 views

Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains

Claude Code contained insufficient URL validation in its trusted domain verification mechanism for WebFetch requests. The application used a startsWith function to validate trusted domains (e.g., docs.python.org, modelcontextprotocol.io); this could have enabled attackers to register domains like...

CVSS 7.4 | AI score 5.5 | EPSS 0.00338
Exploits 0 | References 3 | Affected Software 1

Tenable Nessus
added 2026/01/19 12:0 a.m. | 4 views

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.161-2.6.12.0.AXS4 (AXSA:2017-2469:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2469:04 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...

CVSS 9.6 | AI score 8.5 | EPSS 0.16181
Exploits 2 | References 17

CNNVD
added 2024/10/25 12:0 a.m. | 6 views

ZITADEL input validation error vulnerability

ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the container and serverless era, open sourced by ZITADEL in Switzerland. ZITADEL suffers from an input validation error vulnerability that stems from a flaw in the URL validation mechanism th...

CVSS 9.1 | AI score 7.6 | EPSS 0.00643
Exploits 1 | References 9

Positive Technologies
added 2023/01/11 12:0 a.m. | 5 views

PT-2023-1320 · Netcomm · Netcomm Nf20Mesh +2

Name of the Vulnerable Software and Affected Versions: Netcomm NF20 versions Netcomm NF20MESH versions Netcomm NL1902 versions Description: The issue is related to an authentication bypass in the Netcomm router models. This allows an unauthenticated user to access content. The application checks...

CVSS 10 | AI score 8 | EPSS 0.11009
Exploits 2 | References 8

CNNVD
added 2022/02/25 12:0 a.m. | 3 views

JetBrains TeamCity cross-site request forgery vulnerability

JetBrains TeamCity is a distributed build management and continuous integration tool from JetBrains Czech Republic. The tool provides continuous unit testing, code quality analysis, and build issue analysis reporting. A security vulnerability exists in JetBrains TeamCity, which stems from the...

CVSS 8.8 | AI score 5.8 | EPSS 0.03202
Exploits 2 | References 2

BDU FSTEC
added 2019/03/01 12:0 a.m. | 6 views

The vulnerability of the Microsoft Office suite arises from security flaws in the way URLs are checked, allowing attackers to redirect users to malicious websites.

The vulnerability of the Microsoft Office suite is related to deficiencies in security mechanisms when checking URL addresses. Exploiting this vulnerability allows a malicious actor to redirect users to a malicious website using a specially crafted file...

CVSS 5 | AI score 6.2 | EPSS 0.12783
Exploits 0 | References 2