Aggregator

A vulnerability, which was classified as critical, has been found in IAHispano Applio up to 3.2.8-bugfix. Affected by this issue is some unknown functionality of the file infer.py. The manipulation leads to deserialization. This vulnerability is handled as CVE-2025-27778. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in IAHispano Applio up to 3.2.8-bugfix. Affected by this vulnerability is the function model_name of the file model_information.py. The manipulation leads to deserialization. This vulnerability is known as CVE-2025-27780. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in GnuPG up to 2.5.4. Affected is an unknown function of the component Certificate Import. The manipulation leads to improper check for unusual conditions. This vulnerability is traded as CVE-2025-30258. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Emlog Pro 2.5.x. It has been rated as critical. This issue affects some unknown processing of the file /admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2025-29405. The attack may be initiated remotely. There is no exploit available.

The Pennsylvania State Education Association (PSEA), the largest public-sector union in Pennsylvania, is notifying over half a million individuals that attackers stole their personal information in a July 2024 security breach. [...]