Aggregator
Kairos
3 months 2 weeks ago
You must login to view this content
cohenido
Ученые назвали точную дату конца Вселенной
3 months 2 weeks ago
Ждать не триллионы триллионов лет, а всего-то 10⁷⁸ лет.
CVE-2025-3859 | Mozilla Focus up to 137 ui layer
3 months 2 weeks ago
A vulnerability was found in Mozilla Focus up to 137. It has been classified as problematic. This affects an unknown part. The manipulation leads to improper restriction of rendered ui layers.
This vulnerability is uniquely identified as CVE-2025-3859. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-0427 | Arm Bifrost GPU Kernel Driver up to r49p3/r51p0 use after free
3 months 2 weeks ago
A vulnerability was found in Arm Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver and 5th Gen GPU Architecture Kernel Driver up to r49p3/r51p0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free.
This vulnerability is known as CVE-2025-0427. Local access is required to approach this attack. There is no exploit available.
vuldb.com
CVE-2025-0072 | Arm Valhall GPU Kernel Driver up to r49p3/r53p0 use after free
3 months 2 weeks ago
A vulnerability was found in Arm Valhall GPU Kernel Driver and 5th Gen GPU Architecture Kernel Driver up to r49p3/r53p0. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to use after free.
This vulnerability is handled as CVE-2025-0072. Attacking locally is a requirement. There is no exploit available.
vuldb.com
CVE-2025-3927 | Digigram PYKO-OUT 1.0 Audio-over-IP Web Server weak credentials
3 months 2 weeks ago
A vulnerability has been found in Digigram PYKO-OUT 1.0 and classified as problematic. This vulnerability affects unknown code of the component Audio-over-IP Web Server. The manipulation leads to use of weak credentials. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability was named CVE-2025-3927. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
CVE-2025-45800 | TOTOLINK A950RG 4.1.2cu.5204_B20210112 global.so setDeviceName deviceMac command injection
3 months 2 weeks ago
A vulnerability classified as critical was found in TOTOLINK A950RG 4.1.2cu.5204_B20210112. Affected by this vulnerability is the function setDeviceName in the library /lib/cste_modules/global.so. The manipulation of the argument deviceMac leads to command injection.
This vulnerability is known as CVE-2025-45800. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-58134 | SRI Mojolicious up to 9.39 on Perl HMAC Session Secrets hard-coded key
3 months 2 weeks ago
A vulnerability classified as problematic was found in SRI Mojolicious up to 9.39 on Perl. Affected by this vulnerability is an unknown functionality of the component HMAC Session Secrets Handler. The manipulation leads to use of hard-coded cryptographic key
.
This vulnerability is known as CVE-2024-58134. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-4344 | D-Link DIR-600L up to 2.07B01 formLogin host buffer overflow
3 months 2 weeks ago
A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is uniquely identified as CVE-2025-4344. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4345 | D-Link DIR-600L up to 2.07B01 formSetLog host buffer overflow
3 months 2 weeks ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. This issue affects the function formSetLog. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
The identification of this vulnerability is CVE-2025-4345. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-4346 | D-Link DIR-600L up to 2.07B01 formSetWAN_Wizard534 host buffer overflow
3 months 2 weeks ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been classified as critical. Affected is the function formSetWAN_Wizard534. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is traded as CVE-2025-4346. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4347 | D-Link DIR-600L up to 2.07B01 formWlSiteSurvey host buffer overflow
3 months 2 weeks ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been declared as critical. Affected by this vulnerability is the function formWlSiteSurvey. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is known as CVE-2025-4347. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-4348 | D-Link DIR-600L up to 2.07B01 formSetWanL2TP host buffer overflow
3 months 2 weeks ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is handled as CVE-2025-4348. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-4349 | D-Link DIR-600L up to 2.07B01 formSysCmd host command injection
3 months 2 weeks ago
A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. This affects the function formSysCmd. The manipulation of the argument host leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is uniquely identified as CVE-2025-4349. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4350 | D-Link DIR-600L up to 2.07B01 wake_on_lan host command injection
3 months 2 weeks ago
A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This vulnerability affects the function wake_on_lan. The manipulation of the argument host leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability was named CVE-2025-4350. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-29824 | Microsoft Windows up to Server 2025 Common Log File System Driver use after free
3 months 2 weeks ago
A vulnerability classified as critical was found in Microsoft Windows. This vulnerability affects unknown code of the component Common Log File System Driver. The manipulation leads to use after free.
This vulnerability was named CVE-2025-29824. The attack needs to be approached locally. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
US seizes Anyproxy, 5socks botnets and indicts alleged administrators
3 months 2 weeks ago
The long-running botnet operation used malware that infected older wireless internet routers over a 20-year period, according to federal prosecutors.
The post US seizes Anyproxy, 5socks botnets and indicts alleged administrators appeared first on CyberScoop.
Matt Kapko
Output Messenger flaw exploited as zero-day in espionage attacks
3 months 2 weeks ago
A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. [...]
Sergiu Gatlan
Russia’s ‘outsourced’ Bulgarian spy ring sentenced to more than 50 years in UK
3 months 2 weeks ago
Six Bulgarians tasked with spy operations in the U.K. on behalf of Russian intelligence each received multi-year prison sentences for their activities.