Aggregator

A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this issue is the function formSetWizard2. The manipulation of the argument curTime leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-4452. The attack may be launched remotely. There is no exploit available. The vendor was contacted early about this disclosure.

Submit #565441 / VDB-308070

A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this vulnerability is the function formSetWAN_Wizard52. The manipulation of the argument curTime leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2025-4451. The attack can be launched remotely. There is no exploit available. The vendor was contacted early about this disclosure.

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Affected is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2025-4450. It is possible to launch the attack remotely. There is no exploit available. The vendor was contacted early about this disclosure.

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. This issue affects the function formEasySetupWizard3. The manipulation of the argument wan_connected leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2025-4449. The attack may be initiated remotely. There is no exploit available. The vendor was contacted early about this disclosure.

A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-4448. The attack can be initiated remotely. There is no exploit available. The vendor was contacted early about this disclosure.

LockBit ransomware website hacked! Sensitive data leaked, including Bitcoin keys. Learn about the breach and how to secure your organization.

The post LockBit Ransomware Hacked: Database and Victim Chats Leaked appeared first on Security Boulevard.

Explore the growing adoption of the Model Context Protocol in Java, including key frameworks and security considerations. Discover more!

The post Model Context Protocol Adoption and C# SDK Integration in Java appeared first on Security Boulevard.

Submit #562440 / VDB-308069

A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. [...]

Submit #560798 / VDB-308068

Submit #560797 / VDB-308067

Submit #560795 / VDB-308066

Submit #560793 / VDB-308065

Submit #560792 / VDB-308064

Latest features in Microsoft Dev Proxy v0.27, including TypeSpec generation and Nested App Authentication. Enhance your development today!

The post Dev Proxy v0.27: New API Modeling and AI Features Released appeared first on Security Boulevard.

Submit #558358 / VDB-308063

A vulnerability classified as problematic has been found in Dell PowerScale OneFS up to 9.10.1.0. This affects an unknown part. The manipulation leads to time-of-check time-of-use. This vulnerability is uniquely identified as CVE-2025-30101. An attack has to be approached locally. There is no exploit available.

Submit #558357 / VDB-308062

A vulnerability was found in Dell PowerScale OneFS up to 9.10.1.0. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2025-30102. The attack needs to be approached locally. There is no exploit available.