Aggregator

CVE-2020-25681 | Dnsmasq up to 2.82 RRSets Sort heap-based overflow (Nessus ID 236546)

3 months 1 week ago

A vulnerability classified as critical was found in Dnsmasq up to 2.82. This vulnerability affects unknown code of the component RRSets Sort Handler. Executing manipulation can lead to heap-based buffer overflow. This vulnerability is registered as CVE-2020-25681. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

vuldb.com

CVE-2020-25682 | Dnsmasq up to 2.82 rfc1035.c extract_name heap-based overflow (Nessus ID 236546)

Vuldb Updates

3 months 1 week ago

A vulnerability, which was classified as critical, has been found in Dnsmasq up to 2.82. This issue affects the function extract_name of the file rfc1035.c. The manipulation leads to heap-based buffer overflow. This vulnerability is documented as CVE-2020-25682. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

vuldb.com

CVE-2020-25686 | Dnsmasq up to 2.82 Pending Request security check (Nessus ID 236546)

Vuldb Updates

3 months 1 week ago

A vulnerability, which was classified as problematic, was found in Dnsmasq up to 2.82. Impacted is an unknown function of the component Pending Request Handler. The manipulation results in security check for standard. This vulnerability is reported as CVE-2020-25686. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

vuldb.com

CVE-2020-25687 | Dnsmasq up to 2.82 rfc1035.c extract_name heap-based overflow (Nessus ID 236546)

Vuldb Updates

3 months 1 week ago

A vulnerability has been found in Dnsmasq up to 2.82 and classified as critical. The affected element is the function extract_name of the file rfc1035.c. This manipulation causes heap-based buffer overflow. This vulnerability appears as CVE-2020-25687. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

vuldb.com

Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs and iPads

CyberScoop

3 months 1 week ago

The tech giant didn’t report active exploitation of any of the patched defects, yet details about potential impacts remain limited.

The post Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs and iPads appeared first on CyberScoop.

Matt Kapko

Malicious Android apps on Google Play downloaded 42 million times

Bleeping Computer.

3 months 1 week ago

Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. [...]

Bill Toulas

CVE-2025-43502 | Apple Safari/visionOS/iOS/iPadOS up to 26.0 information disclosure (WID-SEC-2025-2480)

Vuldb Updates

3 months 1 week ago

A vulnerability labeled as problematic has been found in Apple Safari, visionOS, iOS and iPadOS up to 26.0. This affects an unknown part. Such manipulation leads to information disclosure. This vulnerability is traded as CVE-2025-43502. An attack has to be approached locally. There is no exploit available. The affected component should be upgraded.

vuldb.com

Play

Dark Feed IO

3 months 1 week ago

You must login to view this content

cohenido

Play

Dark Feed IO

3 months 1 week ago

You must login to view this content

cohenido

Play

Dark Feed IO

3 months 1 week ago

You must login to view this content

cohenido

INC

Dark Feed IO

3 months 1 week ago

You must login to view this content

cohenido

Securing Agentic AI: Extending Network Security Principles to Serverless Environments

Security Boulevard

3 months 1 week ago

As enterprise AI rapidly matures, we’re entering a new phase, one powered by agentic AI. These intelligent agents are more autonomous, capable of making decisions, taking actions, and adapting dynamically to new environments. This evolution introduces new complexity in how we build AI systems as well as in how we secure them. Agentic AI doesn’t..

The post Securing Agentic AI: Extending Network Security Principles to Serverless Environments appeared first on Security Boulevard.

Anirban Sengupta

CVE-2021-43400 | BlueZ 5.61 D-Bus gatt-database.c WriteValue use after free

Vuldb Updates

3 months 1 week ago

A vulnerability labeled as critical has been found in BlueZ 5.61. This affects the function WriteValue of the file gatt-database.c of the component D-Bus Handler. The manipulation results in use after free. This vulnerability is cataloged as CVE-2021-43400. The attack must originate from the local network. There is no exploit available. It is advisable to implement a patch to correct this issue.

vuldb.com

CVE-2021-41229 | BlueZ on Linux sdp Packet sdp_cstate_alloc_buf resource consumption (GHSA-3fqg-r8j5-f5xq / Nessus ID 213132)

Vuldb Updates

3 months 1 week ago

A vulnerability was found in BlueZ on Linux. It has been rated as problematic. This impacts the function sdp_cstate_alloc_buf of the component sdp Packet Handler. This manipulation causes resource consumption. This vulnerability appears as CVE-2021-41229. The attacker needs to be present on the local network. There is no available exploit.

vuldb.com

CVE-2021-37706 | PJSIP integer underflow (GHSA-2qpg-f6wf-w984)

Vuldb Updates

3 months 1 week ago

A vulnerability labeled as critical has been found in PJSIP. The affected element is an unknown function. The manipulation results in integer underflow. This vulnerability was named CVE-2021-37706. The attack may be performed from remote. There is no available exploit. A patch should be applied to remediate this issue.

vuldb.com

CVE-2021-43804 | PJSIP out-of-bounds (GHSA-3qx3-cg72-wrh9)

Vuldb Updates

3 months 1 week ago

A vulnerability marked as problematic has been reported in PJSIP. The impacted element is an unknown function. This manipulation causes out-of-bounds read. The identification of this vulnerability is CVE-2021-43804. It is possible to initiate the attack remotely. There is no exploit available. To fix this issue, it is recommended to deploy a patch.

vuldb.com

CVE-2021-43845 | PJSIP up to 2.11.1 RTCP XR Message out-of-bounds (GHSA-r374-qrwv-86hh)

Vuldb Updates

3 months 1 week ago

A vulnerability, which was classified as problematic, has been found in PJSIP up to 2.11.1. This vulnerability affects unknown code of the component RTCP XR Message Handler. This manipulation causes out-of-bounds read. The identification of this vulnerability is CVE-2021-43845. It is possible to initiate the attack remotely. There is no exploit available. To fix this issue, it is recommended to deploy a patch.

vuldb.com

CVE-2021-44686 | calibre up to 5.31.x preprocess.py html_preprocess_rules incorrect regex (Issue 18 / Nessus ID 257996)

Vuldb Updates

3 months 1 week ago

A vulnerability described as critical has been identified in calibre up to 5.31.x. This issue affects the function html_preprocess_rules of the file ebooks/conversion/preprocess.py. Such manipulation leads to incorrect regular expression. This vulnerability is listed as CVE-2021-44686. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

vuldb.com

CVE-2021-41184 | Oracle Commerce Guided Search 11.3.2 Experience Manager cross site scripting (Nessus ID 211078)

Vuldb Updates

3 months 1 week ago

A vulnerability marked as critical has been reported in Oracle Commerce Guided Search 11.3.2. Affected is an unknown function of the component Experience Manager. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-41184. The attack is possible to be carried out remotely. No exploit exists.

vuldb.com

CVE-2021-41184 | Oracle Enterprise Manager for Exadata 13.5.0.0 DB Machine Management cross site scripting (Nessus ID 211078)

Vuldb Updates

3 months 1 week ago

A vulnerability was found in Oracle Enterprise Manager for Exadata 13.5.0.0. It has been rated as critical. This vulnerability affects unknown code of the component DB Machine Management. Performing manipulation results in cross site scripting. This vulnerability was named CVE-2021-41184. The attack may be initiated remotely. There is no available exploit.

vuldb.com

Aggregator

Managed ad