Aggregator

A vulnerability was found in SAIL Image Decoding Library 0.9.8. It has been rated as critical. This affects an unknown function of the component BMPv3 RLE Decoder. This manipulation causes integer overflow to buffer overflow. This vulnerability is tracked as CVE-2025-52930. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability categorized as critical has been discovered in SAIL Image Decoding Library 0.9.8. This impacts an unknown function of the component PSD RLE Decoder. Such manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2025-53085. The attack may be performed from remote. There is no available exploit.

A vulnerability identified as critical has been detected in SAIL Image Decoding Library 0.9.8. Affected is an unknown function of the component PSD Image Decoder. Performing manipulation results in integer overflow to buffer overflow. This vulnerability is cataloged as CVE-2025-53510. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as critical has been found in PHPGurukul Hospital Management System 4.0. The affected element is an unknown function of the file about-us.php. Such manipulation of the argument pagetitle leads to sql injection. This vulnerability is listed as CVE-2025-56216. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in PHPGurukul Hospital Management System 4.0 and classified as critical. This vulnerability affects unknown code of the file add-doctor.php. Executing manipulation of the argument docname can lead to sql injection. This vulnerability is handled as CVE-2025-56212. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Impacted is an unknown function of the file index.php. The manipulation of the argument Username results in sql injection. This vulnerability was named CVE-2025-56214. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been rated as critical. The affected element is an unknown function of the file contact.php. This manipulation of the argument pagetitle causes sql injection. The identification of this vulnerability is CVE-2025-56215. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads to sql injection. This vulnerability is referenced as CVE-2025-9418. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability has been found in itsourcecode Apartment Management System 1.0 and classified as critical. The affected element is an unknown function of the file /unit/addunit.php. Performing manipulation of the argument ID results in sql injection. This vulnerability is identified as CVE-2025-9419. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in itsourcecode Apartment Management System 1.0 and classified as critical. The impacted element is an unknown function of the file /floor/addfloor.php. Executing manipulation of the argument hdnid can lead to sql injection. This vulnerability is tracked as CVE-2025-9420. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been classified as critical. This affects an unknown function of the file /complain/addcomplain.php. The manipulation of the argument ID leads to sql injection. This vulnerability is listed as CVE-2025-9421. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability was found in Campcodes Online Water Billing System 1.0. It has been rated as critical. Affected is an unknown function of the file /editecex.php. This manipulation of the argument ID causes sql injection. This vulnerability is registered as CVE-2025-9423. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Salesloft因供应链攻击暂停Drift服务，攻击者利用被盗OAuth和刷新令牌入侵客户Salesforce实例。事件影响Cloudflare、Google Workspace等多家企业，Salesloft正与网络安全公司合作应对，并计划全面审查应用以增强安全性。

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens. "This will provide the fastest path forward to comprehensively review the application and build

斗象科技完成2亿元战略融资，由钟鼎资本独家投资。资金将用于AI安全技术与安全智能平台研发，并为后续资本计划和IPO做准备。

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

Apple将于9月10日举行秋季发布会，推出iPhone 17系列、Apple Watch及AirPods Pro等新品。iPhone 17 Air主打超薄设计与eSIM功能；Pro系列则升级影像系统与性能；其他产品包括新款Apple Watch与AirPods Pro等。

Данные школьников публикуют в даркнете ради резонанса.

本文从SEKAI CTF的一道题开始，深入源码探讨了pickle，_pickle和pickletools面对不同情况时的解析差异问题，有助于选手对这些库有更加深入的了解。

Canonical宣布将在Ubuntu 25.10中使用基于Rust开发的sudo-rs替代传统sudo，以提升安全性和性能。sudo-rs已开发完成关键功能，支持NOEXEC和AppArmor配置文件切换，并兼容旧内核。未来将在26.10 LTS中全面采用，并允许用户切换回旧版。