Aggregator

CVE-2025-5304 | PT Project Notebooks Plugin up to 1.1.3 on WordPress wpnb_pto_new_users_add authorization(link is external)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in PT Project Notebooks Plugin up to 1.1.3 on WordPress. It has been classified as critical. This affects the function wpnb_pto_new_users_add. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-5304. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-6755 | Game Users Share Buttons Plugin up to 1.3.0 on WordPress ajaxDeleteTheme themeNameId path traversal(link is external)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in Game Users Share Buttons Plugin up to 1.3.0 on WordPress and classified as critical. Affected by this issue is the function ajaxDeleteTheme. The manipulation of the argument themeNameId leads to path traversal. This vulnerability is handled as CVE-2025-6755. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-46708 | Imagination Graphics DDK prior 24.2 RTM1 GPU System Call insufficient permissions or privileges(link is external)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability has been found in Imagination Graphics DDK up to 1.15 RTM/1.17 RTM/1.18 RTM/24.1 RTM/24.2 RTM0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component GPU System Call Handler. The manipulation leads to improper handling of insufficient permissions or privileges. This vulnerability is known as CVE-2025-46708. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-53093 | StarCitizenTools mediawiki-extensions-TabberNeue up to 3.1.0 cross site scripting (GHSA-jfj7-249r-7j2m / EUVD-2025-19418)(link is external)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in StarCitizenTools mediawiki-extensions-TabberNeue up to 3.1.0. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-53093. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-52207 | MIKO MikoPBX up to 2024.1.114 PostController.php path traversal (EUVD-2025-19422)(link is external)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability classified as critical was found in MIKO MikoPBX up to 2024.1.114. This vulnerability affects unknown code of the file PBXCoreREST/Controllers/Files/PostController.php. The manipulation leads to relative path traversal. This vulnerability was named CVE-2025-52207. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Unveiling RIFT: Enhancing Rust malware analysis through pattern matching(link is external)

Threat intelligence | Microsoft Security Blog
2 months 3 weeks ago

As threat actors are adopting Rust for malware development, RIFT, an open-source tool, helps reverse engineers analyze Rust malware, solving challenges in the security industry.

The post Unveiling RIFT: Enhancing Rust malware analysis through pattern matching appeared first on Microsoft Security Blog.

Microsoft Threat Intelligence and Microsoft Threat Intelligence Center (MSTIC)

Unveiling RIFT: Enhancing Rust malware analysis through pattern matching(link is external)

Threat intelligence | Microsoft Security Blog
2 months 3 weeks ago

As threat actors are adopting Rust for malware development, RIFT, an open-source tool, helps reverse engineers analyze Rust malware, solving challenges in the security industry.

The post Unveiling RIFT: Enhancing Rust malware analysis through pattern matching appeared first on Microsoft Security Blog.

Microsoft Threat Intelligence and Microsoft Threat Intelligence Center (MSTIC)

Managed ad