Aggregator

A vulnerability has been found in Chamilo LMS up to 1.11.24 and classified as problematic. Affected by this vulnerability is an unknown functionality in the library /main/inc/lib/javascript/bigupload/inc/bigUpload.php. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2023-4220. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2025-2584. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SimpleMachines SMF 2.1.4. It has been classified as problematic. This affects an unknown part of the file ManageNews.php. The manipulation of the argument subject/message leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2583. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure.

A vulnerability was found in SimpleMachines SMF 2.1.4 and classified as problematic. Affected by this issue is some unknown functionality of the file ManageAttachments.php. The manipulation of the argument Notice leads to cross site scripting. This vulnerability is handled as CVE-2025-2582. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure.

Threat Attack Daily - 20th of March 2025

【君哥内推】旨在帮助甲方信息安全部门发布招聘需求，推送频率不定。欢迎甲方朋友们将招聘需求发给我，我愿意出力，

本期周报简介：315晚会揭示了个人信息通过多种渠道被窃取的风险，可通过多层防护策略有效减少数据泄露风险

【君哥内推】旨在帮助甲方信息安全部门发布招聘需求，推送频率不定。欢迎甲方朋友们将招聘需求发给我，我愿意出力，

本期周报简介：315晚会揭示了个人信息通过多种渠道被窃取的风险，可通过多层防护策略有效减少数据泄露风险

【君哥内推】旨在帮助甲方信息安全部门发布招聘需求，推送频率不定。欢迎甲方朋友们将招聘需求发给我，我愿意出力，

本期周报简介：315晚会揭示了个人信息通过多种渠道被窃取的风险，可通过多层防护策略有效减少数据泄露风险

本期周报简介：315晚会揭示了个人信息通过多种渠道被窃取的风险，可通过多层防护策略有效减少数据泄露风险

【君哥内推】旨在帮助甲方信息安全部门发布招聘需求，推送频率不定。欢迎甲方朋友们将招聘需求发给我，我愿意出力，

本期周报简介：315晚会揭示了个人信息通过多种渠道被窃取的风险，可通过多层防护策略有效减少数据泄露风险

【君哥内推】旨在帮助甲方信息安全部门发布招聘需求，推送频率不定。欢迎甲方朋友们将招聘需求发给我，我愿意出力，

本期周报简介：315晚会揭示了个人信息通过多种渠道被窃取的风险，可通过多层防护策略有效减少数据泄露风险

Submit #515406 / VDB-300544

Submit #512002 / VDB-300543

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. This vulnerability is known as CVE-2025-2581. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Submit #512001 / VDB-300543