Aggregator

CVE-2023-42794 | Oracle Communications Unified Assurance up to 5.5.19/6.0.3 Core denial of service (Nessus ID 239817)

Vuldb Updates
2 weeks 1 day ago
A vulnerability described as critical has been identified in Oracle Communications Unified Assurance up to 5.5.19/6.0.3. This vulnerability affects unknown code of the component Core. Executing manipulation can lead to denial of service. This vulnerability is registered as CVE-2023-42794. It is possible to launch the attack remotely. No exploit is available.
vuldb.com

CVE-2025-49124 | Apache Tomcat up to 9.0.105/10.1.41/11.0.7 on Windows Installer icacls.exe untrusted search path (EUVD-2025-18410 / Nessus ID 240060)

Vuldb Updates
2 weeks 1 day ago
A vulnerability, which was classified as problematic, has been found in Apache Tomcat up to 9.0.105/10.1.41/11.0.7 on Windows. Affected is an unknown function of the file icacls.exe of the component Installer. Performing manipulation results in untrusted search path. This vulnerability was named CVE-2025-49124. The attack needs to be approached locally. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-21733 | Apache Tomcat up to 8.5.63/9.0.43 Incomplete POST Request information exposure (ID 176951 / Nessus ID 214321)

Vuldb Updates
2 weeks 1 day ago
A vulnerability marked as problematic has been reported in Apache Tomcat up to 8.5.63/9.0.43. Affected by this issue is some unknown functionality of the component Incomplete POST Request Handler. The manipulation leads to information exposure through error message. This vulnerability is traded as CVE-2024-21733. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2024-52316 | Apache Tomcat up to 9.0.95/10.1.30/11.0.0-M26 ServerAuthContext error condition (EUVD-2024-3331 / Nessus ID 211506)

Vuldb Updates
2 weeks 1 day ago
A vulnerability classified as critical was found in Apache Tomcat up to 9.0.95/10.1.30/11.0.0-M26. This issue affects some unknown processing of the component ServerAuthContext Component. The manipulation results in unchecked error condition. This vulnerability is known as CVE-2024-52316. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2024-38286 | Apache Tomcat up to 9.0.89/10.1.24/11.0.0-M20 TLS Handshake resource consumption (EUVD-2024-3211 / Nessus ID 208063)

Vuldb Updates
2 weeks 1 day ago
A vulnerability categorized as critical has been discovered in Apache Tomcat up to 9.0.89/10.1.24/11.0.0-M20. This affects an unknown function of the component TLS Handshake Handler. The manipulation results in resource consumption. This vulnerability is identified as CVE-2024-38286. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-24549 | Apache Tomcat up to 8.5.98/9.0.85/10.1.18/11.0.0-M16 HTTP/2 Request denial of service (DLA 3779-1 / Nessus ID 209246)

Vuldb Updates
2 weeks 1 day ago
A vulnerability has been found in Apache Tomcat up to 8.5.98/9.0.85/10.1.18/11.0.0-M16 and classified as problematic. This vulnerability affects unknown code of the component HTTP2 Request Handler. The manipulation leads to denial of service. This vulnerability is documented as CVE-2024-24549. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2024-34750 | Apache Tomcat up to 9.0.89/10.1.24/11.0.0-M20 HTTP/2 Stream exceptional condition (Nessus ID 212124 / WID-SEC-2025-0143)

Vuldb Updates
2 weeks 1 day ago
A vulnerability identified as problematic has been detected in Apache Tomcat up to 9.0.89/10.1.24/11.0.0-M20. The impacted element is an unknown function of the component HTTP2 Stream Handler. Performing manipulation results in handling of exceptional conditions. This vulnerability is identified as CVE-2024-34750. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-40065 | Linux Kernel up to 6.17.2 KVM privilege escalation (Nessus ID 271877)

Vuldb Updates
2 weeks 1 day ago
A vulnerability was found in Linux Kernel up to 6.17.2. It has been classified as critical. This impacts an unknown function of the component KVM. The manipulation leads to privilege escalation. This vulnerability is documented as CVE-2025-40065. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-40070 | Linux Kernel up to 5.15.194/6.1.155/6.6.111/6.12.52/6.17.2 drivers/base/core.c pps_register_cdev use after free (Nessus ID 271878)

Vuldb Updates
2 weeks 1 day ago
A vulnerability described as critical has been identified in Linux Kernel up to 5.15.194/6.1.155/6.6.111/6.12.52/6.17.2. Affected is the function pps_register_cdev of the file drivers/base/core.c. Such manipulation leads to use after free. This vulnerability is referenced as CVE-2025-40070. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-40025 | Linux Kernel up to 6.17.1 fs/f2fs/file.c f2fs_truncate_hole allocation of resources (Nessus ID 271879 / WID-SEC-2025-2430)

Vuldb Updates
2 weeks 1 day ago
A vulnerability classified as critical was found in Linux Kernel up to 6.17.1. This impacts the function f2fs_truncate_hole of the file fs/f2fs/file.c. Such manipulation leads to allocation of resources. This vulnerability is listed as CVE-2025-40025. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2025-40077 | Linux Kernel up to 6.17.2 f2fs pgoff_t buffer overflow (Nessus ID 271880)

Vuldb Updates
2 weeks 1 day ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.17.2. This issue affects the function pgoff_t of the component f2fs. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-40077. The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.
vuldb.com

How Quantum Computing Will Transform Data Security, AI, and Cloud Systems

Security Boulevard
2 weeks 1 day ago

Quantum computing is set to redefine data security, AI, and cloud infrastructure. This in-depth research explores how post-quantum cryptography, quantum AI acceleration, and hybrid quantum-cloud systems will reshape technology by 2035—and what developers can do to prepare.

The post How Quantum Computing Will Transform Data Security, AI, and Cloud Systems appeared first on Security Boulevard.

SSOJet - Enterprise SSO & Identity Solutions

Hackers Allegedly Leak HSBC USA Customer and Financial Information

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 weeks 1 day ago

A threat actor has claimed responsibility for breaching HSBC USA, the American division of the global investment bank and financial services holding company. The cybercriminal posted an extensive database for sale on underground forums, alleging it contains fresh and comprehensive customer data stolen from the financial institution. Massive Collection of Sensitive Customer Data According to […]

The post Hackers Allegedly Leak HSBC USA Customer and Financial Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2023-25231 | Tenda W30E 1.0.1.25(633) fromRouteStatic entrys/mitInterface buffer overflow (EUVD-2023-29194)

Vuldb Updates
2 weeks 1 day ago
A vulnerability, which was classified as critical, was found in Tenda W30E 1.0.1.25(633). This issue affects the function fromRouteStatic. The manipulation of the argument entrys/mitInterface results in buffer overflow. This vulnerability is cataloged as CVE-2023-25231. The attack must originate from the local network. There is no exploit available.
vuldb.com

CVE-2023-25221 | Libde265 1.0.10 motion.cc derive_spatial_luma_vector_prediction heap-based overflow (Issue 388 / EUVD-2023-29184)

Vuldb Updates
2 weeks 1 day ago
A vulnerability was found in Libde265 1.0.10. It has been classified as critical. Affected by this vulnerability is the function derive_spatial_luma_vector_prediction of the file motion.cc. The manipulation leads to heap-based buffer overflow. This vulnerability is documented as CVE-2023-25221. The attack requires being on the local network. There is not any exploit available.
vuldb.com

Managed ad