Aggregator

2025年11月30日中午12点前

VLC 总裁兼项目核心开发者 Jean-Baptiste Kempf 获得了欧洲自由软件奖，以表彰他在 VLC 项目上的长期贡献。VLC 诞生于 1996 年，最初是一个学生项目，如今已发展成为全球最流行媒体播放器之一，用户数以十亿计。Jean-Baptiste Kempf 在学生时代参与了 VLC 项目，在最早一批的开发者毕业项目面临死亡时，他接过了重担。他与其他核心开发者一起创造了我们今天所依赖于的播放器。

Родительские настройки оказались бессильны против того, с чем сталкиваются дети на платформе.

A vulnerability, which was classified as problematic, has been found in metagauss EventPrime Plugin up to 4.2.0.0 on WordPress. This affects the function booking_add_notes. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2025-12498. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Linux Kernel and classified as critical. Affected is an unknown function of the component RSA Decryption. Performing manipulation results in transmission of private resources into a new sphere ('resource leak'). This vulnerability is identified as CVE-2023-6240. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability identified as problematic has been detected in Infinity ZMaintenance Infinity up to 4.1. Impacted is an unknown function of the file /jsp/gsfr_feditorHTML.jsp. The manipulation of the argument pHtmlSource leads to cross site scripting. This vulnerability is listed as CVE-2025-61431. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical was found in Samsung Mobile Processor Exynos. Affected is the function get_vs4l_profiler_node of the component NPU. Executing manipulation can lead to null pointer dereference. This vulnerability appears as CVE-2025-54333. The attacker needs to be present on the local network. There is no available exploit.

A vulnerability was found in Samsung Mobile Processor, Wearable Processor and Modem and classified as critical. This vulnerability affects unknown code of the component 5G NRMM Packet Handler. Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-49494. The attack can only be initiated within the local network. No exploit exists.

A vulnerability marked as critical has been reported in Fuji Electric Monitouch V-SFT-6. This affects an unknown part of the component Project File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2025-54496. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Fuji Electric Monitouch V-SFT-6. This vulnerability affects unknown code of the component Project File Handler. The manipulation results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2025-54526. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Cursor up to 1.7.23. The impacted element is an unknown function. Performing manipulation results in improper access controls. This vulnerability is cataloged as CVE-2025-64110. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Everest Forms Pro Plugin up to 1.9.7 on WordPress. This issue affects the function mime_content_type. The manipulation results in deserialization. This vulnerability is known as CVE-2025-8871. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as problematic, has been found in Features Plugin up to 0.0.2 on WordPress. Impacted is the function features_revert_option. This manipulation causes missing authorization. This vulnerability is handled as CVE-2025-12582. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in Paid Membership Subscriptions Plugin up to 2.16.4 on WordPress. The affected element is the function PMS_AJAX_Checkout_Handler::process_payment. Such manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-11835. The attack can be launched remotely. No exploit exists.

A vulnerability has been found in SMS Plugin up to 1.1.8 on WordPress and classified as problematic. The impacted element is an unknown function. Performing manipulation of the argument paged results in cross site scripting. This vulnerability was named CVE-2025-12580. The attack may be initiated remotely. There is no available exploit.

A vulnerability categorized as problematic has been discovered in Sectona Spectra Plugin up to 2.19.14 on WordPress. Affected is an unknown function. Such manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2025-11162. It is possible to launch the attack remotely. No exploit is available.