Aggregator

CVE-2026-23528 | dask distributed prior 2026.1.0 Dask Dashboard cross site scripting (GHSA-c336-7962-wfj2)

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in dask distributed. It has been declared as problematic. Affected by this issue is some unknown functionality of the component Dask Dashboard. Such manipulation leads to basic cross site scripting. This vulnerability is documented as CVE-2026-23528. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-48647 | Google Android cpm_fwtp_ipc.c cpm_fwtp_msg_handler input validation

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in Google Android. It has been classified as critical. Affected by this vulnerability is the function cpm_fwtp_msg_handler in the library cpm/google/lib/tracepoint/cpm_fwtp_ipc.c. This manipulation causes improper input validation. This vulnerability is registered as CVE-2025-48647. The attack needs to be launched locally. No exploit is available.
vuldb.com

CVE-2025-15032 | Browser Company of New York Dia up to 1.8.x on macOS Trusted Domain ui layer

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in Browser Company of New York Dia up to 1.8.x on macOS and classified as problematic. Affected is an unknown function of the component Trusted Domain Handler. The manipulation results in improper restriction of rendered ui layers. This vulnerability is cataloged as CVE-2025-15032. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-23529 | Aiven-Open bigquery-connector-for-apache-kafka up to 2.10.x file inclusion (GHSA-3mg8-2g53-5gj4)

VulDB Recent Entries
3 months 1 week ago
A vulnerability has been found in Aiven-Open bigquery-connector-for-apache-kafka up to 2.10.x and classified as problematic. This impacts an unknown function. The manipulation leads to file inclusion. This vulnerability is listed as CVE-2026-23529. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.
vuldb.com

INC

Dark Feed IO
3 months 1 week ago

You must login to view this content

cohenido

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

The Hackers News
3 months 1 week ago
The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. "The actor creates a malformed archive as an anti-analysis technique," Expel security researcher Aaron Walton said in a report shared with The Hacker News. "That is, many unarchiving tools
The Hacker News

The Value of Combining Modern Observability Solutions for Actionable Insights

Netscout
3 months 1 week ago
As networks have become increasingly complex, stretching across data centers, remote offices, and colocation sites and into multicloud environments, a lack of visibility across the ecosphere is creating critical blind spots that make addressing problems incredibly difficult. Many modern observability tools rely on...
Sherrie Taylor

Windows 11 PCs Fail to Shut Down After January Security Update

Cyber Security News
3 months 1 week ago

Microsoft’s January 13, 2026, security update for Windows 11 has triggered a frustrating bug: affected PCs refuse to shut down or hibernate, instead restarting. The issue is caused by KB5073455, which targets OS Build 22621.6491 on Windows 11 version 23H2. It was first reported on January 15 and arises from interference with Secure Launch, a […]

The post Windows 11 PCs Fail to Shut Down After January Security Update appeared first on Cyber Security News.

Guru Baran

Managed ad