X Urges Security Key Users to Re-Enroll Before November 10 to Prevent Account Lockouts
X Urges Security Key Users to Re-Enroll Before November 10 to Prevent Account Lockouts
Aggregator
CVE-2025-60791 | Easywork Enterprise 2.1.3.354 cleartext storage (EUVD-2025-36218)
5 days 1 hour ago
A vulnerability was found in Easywork Enterprise 2.1.3.354. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cleartext storage of sensitive information.
This vulnerability is referenced as CVE-2025-60791. The attack needs to be initiated within the local network. No exploit is available.
vuldb.com
nsKnox Launches Adaptive Payment Security™, Revolutionizing B2B Fraud Prevention by Solving the ‘Impossible Triangle’ of Speed, Certainty, and Effort
5 days 1 hour ago
New York, New York, USA, 27th October 2025, CyberNewsWire
CyberNewswire
Ubiquiti UniFi Door Access App Vulnerability Exposes API Management Without Authentication
5 days 1 hour ago
Ubiquiti’s UniFi Access application has been found vulnerable to a critical flaw that leaves its management API exposed without authentication. Discovered by Catchify Security, this issue allows malicious actors on the management network to potentially take full control of door access systems, raising alarms for organizations relying on the platform for physical security. The vulnerability […]
The post Ubiquiti UniFi Door Access App Vulnerability Exposes API Management Without Authentication appeared first on Cyber Security News.
Guru Baran
X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts
5 days 1 hour ago
Social media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service.
To that end, users are being asked to complete the re-enrollment, either using their existing security key or enrolling a new one, by November 10, 2025.
"After November 10, if you
The Hacker News
Akira
5 days 1 hour ago
You must login to view this content
cohenido
Qilin
5 days 2 hours ago
You must login to view this content
cohenido
Qilin
5 days 2 hours ago
You must login to view this content
cohenido
CVE-2025-12343 | FFmpeg TensorFlow DNN Backend dnn_execute_model_tf double free (WID-SEC-2025-2423)
5 days 2 hours ago
A vulnerability was found in FFmpeg. It has been declared as critical. Affected by this vulnerability is the function dnn_execute_model_tf of the component TensorFlow DNN Backend. Executing manipulation can lead to double free.
The identification of this vulnerability is CVE-2025-12343. The attack may be launched remotely. There is no exploit available.
vuldb.com
Qilin
5 days 2 hours ago
You must login to view this content
cohenido
CVE-2023-49440 | AhnLab EPP 1.0.15 preview sql injection
5 days 2 hours ago
A vulnerability was found in AhnLab EPP 1.0.15. It has been classified as critical. Affected is an unknown function. Performing manipulation of the argument preview results in sql injection.
This vulnerability was named CVE-2023-49440. The attack may be initiated remotely. There is no available exploit.
vuldb.com
Qilin
5 days 2 hours ago
You must login to view this content
cohenido
CVE-2023-37749 | HubSpot 1.29441 REST API Endpoint access control
5 days 2 hours ago
A vulnerability was found in HubSpot 1.29441 and classified as critical. This impacts an unknown function of the component REST API Endpoint. Such manipulation leads to improper access controls.
This vulnerability is uniquely identified as CVE-2023-37749. The attack can only be initiated within the local network. No exploit exists.
vuldb.com
CVE-2025-10023 | Centreon Infra Monitoring up to 23.10.25/24.04.15/24.10.8 Services Meta-Services cross site scripting (EUVD-2025-36202)
5 days 2 hours ago
A vulnerability has been found in Centreon Infra Monitoring up to 23.10.25/24.04.15/24.10.8 and classified as problematic. This affects an unknown function of the component Services Meta-Services Module. This manipulation causes cross site scripting.
This vulnerability is handled as CVE-2025-10023. The attack can be initiated remotely. There is not any exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2025-34133 | Cloud Solutions SAS Wimi Teamwork up to 7.38.16 csrf_token cross-site request forgery (EUVD-2025-36201)
5 days 2 hours ago
A vulnerability, which was classified as problematic, was found in Cloud Solutions SAS Wimi Teamwork up to 7.38.16. The impacted element is an unknown function. The manipulation of the argument csrf_token results in cross-site request forgery.
This vulnerability is known as CVE-2025-34133. It is possible to launch the attack remotely. No exploit is available.
You should upgrade the affected component.
vuldb.com
CVE-2025-52268 | StarCharge Artemis AC Charger 7-22 kW 1.0.4 AES Key hard-coded key
5 days 2 hours ago
A vulnerability, which was classified as problematic, has been found in StarCharge Artemis AC Charger 7-22 kW 1.0.4. The affected element is an unknown function of the component AES Key Handler. The manipulation leads to use of hard-coded cryptographic key
.
This vulnerability is traded as CVE-2025-52268. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
56% атак — из-за человека. Российских чиновников научили, как не стать жертвой социальной инженерии
5 days 2 hours ago
400 управленцев прошли киберучения на «цифровом двойнике».
CVE-2025-52264 | StarCharge Artemis AC Charger 7-22 kW 1.0.4 download.cgi cgiMain stack-based overflow
5 days 2 hours ago
A vulnerability classified as critical was found in StarCharge Artemis AC Charger 7-22 kW 1.0.4. Impacted is the function cgiMain of the file download.cgi. Executing manipulation can lead to stack-based buffer overflow.
This vulnerability appears as CVE-2025-52264. The attack may be performed from remote. There is no available exploit.
vuldb.com
CVE-2025-52263 | StarCharge Artemis AC Charger 7-22 kW 1.0.4 Web Configuration privilege escalation
5 days 2 hours ago
A vulnerability was found in StarCharge Artemis AC Charger 7-22 kW 1.0.4. It has been declared as critical. This affects an unknown function of the component Web Configuration Module. Such manipulation leads to privilege escalation.
This vulnerability is referenced as CVE-2025-52263. The attack needs to be initiated within the local network. No exploit is available.
vuldb.com
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
5 days 2 hours ago
Introducing the initial release of audit logs for SonarQube Cloud, a new feature designed to provide enhanced governance and support for our Enterprise plan customers. This initial, API-driven release focuses on core authentication and administrative IAM events to help you meet compliance requirements.
The post Introducing audit logs in SonarQube Cloud: Enhancing compliance and security appeared first on Security Boulevard.
Andrew Osborne