Aggregator

CVE-2025-9086 | cURL up to 8.15.0 Cookie Path out-of-bounds (f24dc09d209a2f91ca38d)

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability marked as critical has been reported in cURL up to 8.15.0. This impacts an unknown function of the component Cookie Path Handler. Performing manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2025-9086. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.
vuldb.com

Dell PowerProtect Data Manager Flaw Allows System Compromise by Attackers

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 weeks 1 day ago

Dell has released a critical security update for its PowerProtect Data Manager (PPDM) platform, addressing multiple vulnerabilities that could allow attackers to compromise systems and execute arbitrary commands. The security advisory DSA-2025-326 reveals several high-severity flaws affecting versions 19.19 and 19.20 of the enterprise data protection solution. Critical Command Injection Vulnerabilities Discovered The most severe […]

The post Dell PowerProtect Data Manager Flaw Allows System Compromise by Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2025-10148 | cURL up to 8.15.0 WebSocket Mask generation of predictable numbers or identifiers (d78e129d50b2d1)

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability labeled as problematic has been found in cURL up to 8.15.0. This affects an unknown function of the component WebSocket Mask. Such manipulation leads to generation of predictable numbers or identifiers. This vulnerability is documented as CVE-2025-10148. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.
vuldb.com

Reflected XSS Flaw Enables Attackers to Evade Amazon CloudFront Protection Using Safari

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 weeks 1 day ago

A recent bug bounty discovery has drawn attention to a browser-specific reflected Cross-Site Scripting (XSS) vulnerability on help-ads.target.com. This flaw was found to bypass Amazon CloudFront’s Web Application Firewall (WAF) protections but could only be exploited on the Safari browser. The finding highlights the importance of testing for diverse browser behaviors during security assessments. Discovery […]

The post Reflected XSS Flaw Enables Attackers to Evade Amazon CloudFront Protection Using Safari appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Managed ad