Aggregator

CVE-2025-25211 | Inaba Denki Sangyo CHOCO TEI WATCHER mini weak password (icsa-25-084-04)

5 months 1 week ago

A vulnerability has been found in Inaba Denki Sangyo CHOCO TEI WATCHER mini and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password requirements. This vulnerability is known as CVE-2025-25211. The attack can be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-26689 | Inaba Denki Sangyo CHOCO TEI WATCHER mini HTTP direct request (icsa-25-084-04)

Vuldb Updates

5 months 1 week ago

A vulnerability was found in Inaba Denki Sangyo CHOCO TEI WATCHER mini and classified as critical. Affected by this issue is some unknown functionality of the component HTTP Handler. The manipulation leads to direct request. This vulnerability is handled as CVE-2025-26689. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-2976 | GFI KerioConnect 10.0.6 File Upload cross site scripting

Vuldb Updates

5 months 1 week ago

A vulnerability was found in GFI KerioConnect 10.0.6. It has been classified as problematic. Affected is an unknown function of the component File Upload. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-2976. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

CVE-2025-2977 | GFI KerioConnect 10.0.6 PDF File cross site scripting

Vuldb Updates

5 months 1 week ago

A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-2977. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

穿透技术域迷雾：如何用AI缝合安全裂痕？

FreeBuf互联网安全新媒体平台

5 months 1 week ago

当企业上云从“趋势”变为“常态”，阿里云的三体战役正用技术纵深度、生态聚合度、战略前瞻性，来开启云安全AI时代的新纪元。

计算机科学家 Xiaofeng Wang 失踪，其家被 FBI 搜查

Solidot

5 months 1 week ago

研究密码学、隐私和网络安全的计算机科学家 Xiaofeng Wang 失去联络，其家还遭到了 FBI 搜查，原因未知。Xiaofeng Wang 于 2004 年在卡内基梅隆大学获得电子与计算机工程博士学位，当年获得了印第安纳大学 Bloomington 分校的助理教授职位，之后担任了印第安纳大学 Luddy 信息学、计算和工程学院的研究副院长。过去几周，他的电邮账户、电话号码和 Luddy 学院的个人资料页面都被其雇主删除。他的妻子 Nianli Ma 在大学图书馆 IT 部门担任首席系统分析师和程序员，她的资料页面也被删除了。上周五 FBI 搜查了两人的家。FBI 称他们在执行法庭授权的执法行动，其它信息没有披露。约翰霍普金斯大学密码学教授 Matthew Green 表示他听说 Wang 失踪已经两周，他的学生也联络不上他。

CVE-2004-1826 | Mambo Open Source 4.5 up to 4.5 index.php ID sql injection (EDB-23834 / XFDB-15500)

Vuldb Updates

5 months 1 week ago

A vulnerability, which was classified as critical, was found in Mambo Open Source 4.5 up to 4.5. Affected is an unknown function of the file index.php. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2004-1826. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com