Aggregator

A vulnerability described as critical has been identified in Apple watchOS. Affected by this vulnerability is an unknown functionality of the component Web Contents Handler. Executing manipulation can lead to use after free. This vulnerability is registered as CVE-2023-40414. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.

A vulnerability categorized as critical has been discovered in WebKitGTK and WPE WebKit up to 2.41.x. This affects an unknown part of the component MediaRecorder API. The manipulation results in use after free. This vulnerability is known as CVE-2023-39928. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability classified as problematic has been found in Apple macOS. Affected by this issue is some unknown functionality of the component WebKit. This manipulation causes use after free. This vulnerability appears as CVE-2023-40414. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Apple iOS and iPadOS. Affected is an unknown function of the component Web Contents Handler. Performing manipulation results in use after free. This vulnerability is cataloged as CVE-2023-40414. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Google Chrome 34.0.1847.131. It has been declared as critical. This issue affects some unknown processing of the file core/svg/svgfontfaceelement.cpp of the component SVG Handler. Such manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2014-1745. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability identified as problematic has been detected in Apple iOS and iPadOS up to 16.7.1. Affected by this issue is some unknown functionality of the component VoiceOver. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2023-32359. It is possible to launch the attack on the physical device. No exploit exists. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in perl-Convert-ASN1 up to 0.27 on Perl. Impacted is the function Convert::ASN1. Such manipulation leads to infinite loop. This vulnerability is traded as CVE-2013-7488. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in exempi up to 2.5.0. It has been classified as critical. The affected element is the function ID3_Support::ID3v2Frame::getFrameValue of the component Audio File Handler. The manipulation leads to buffer overflow. This vulnerability is listed as CVE-2020-18651. The attack may be initiated remotely. There is no available exploit. To fix this issue, it is recommended to deploy a patch.

A vulnerability was found in exempi up to 2.5.0. It has been classified as critical. Affected is an unknown function of the file WEBP_Support.cpp of the component webp File Handler. Performing manipulation results in buffer overflow. This vulnerability was named CVE-2020-18652. The attack may be initiated remotely. There is no available exploit. It is suggested to install a patch to address this issue.

A vulnerability identified as critical has been detected in MIT Kerberos 5 1.7. This impacts an unknown function of the file kadmind of the component Incremental Propagation. This manipulation causes memory corruption. This vulnerability is registered as CVE-2025-24528. The attack requires access to the local network. No exploit is available.

A vulnerability, which was classified as critical, has been found in Cisco Secure Endpoint. This issue affects some unknown processing of the component ClamAV. This manipulation causes heap-based buffer overflow. This vulnerability is tracked as CVE-2025-20128. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability was found in Campcodes Grocery Sales and Inventory System 1.0 and classified as problematic. The affected element is an unknown function of the file /index.php. The manipulation of the argument page results in cross site scripting. This vulnerability is identified as CVE-2025-10032. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been declared as critical. This affects an unknown function of the file /admin. Such manipulation of the argument Username leads to sql injection. This vulnerability is listed as CVE-2025-10033. The attack may be performed from remote. In addition, an exploit is available.

Mozilla 宣布 Firefox 浏览器将于 2026 年 9 月停止支持 32 位 Linux 系统。Mozilla 称，大部分 Linux 发行版已经不再支持 32 位架构，在 Linux 平台维护 32 位 Firefox 日益困难和不可靠。为了集中精力，Mozilla 宣布将于 Firefox 144 之后停止支持 32 位 Linux，即 Firefox 145 将只支持 64 位 Linux。Mozilla 建议 32 位 Linux 用户升级到 64 位 Linux 使用 64 位 Firefox。如果用户无法立即升级，Firefox ESR 140 的安全更新将一直支持到 2026 年 9 月。

ИИ-профили, токсичные ответы и контент-фермы становятся новой нормой.

Reddit通知用户因IP地址请求过多被限流，建议等待后重试。如持续受限，可联系客服并提供账户信息及代码。

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. [...]

Urgent security alert for SAP users! A critical vulnerability (CVE-2025-42957) allows attackers to take full control of your…

Reddit提示用户IP地址请求过多，访问受限，请等待几分钟后重试。若问题持续可联系客服并提供账户及代码3baebaef-51ad-49cd-84b7-c0291dc97d0e。

Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after a July cyberattack that exposed data of 5.7M people, despite posting $1.5B profit in the last fiscal year. This case study demonstrates that a security breach […]