Aggregator

CVE-2022-45970 | Alist 3.5.1 Bulletin Board cross site scripting (Issue 2457)

1 day 5 hours ago

A vulnerability marked as problematic has been reported in Alist 3.5.1. Impacted is an unknown function of the component Bulletin Board. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2022-45970. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2022-45969 | Alist 3.4.0 pathname traversal (Issue 2449)

Vuldb Updates

1 day 5 hours ago

A vulnerability classified as critical was found in Alist 3.4.0. The affected element is an unknown function. Such manipulation leads to pathname traversal. This vulnerability is documented as CVE-2022-45969. The attack requires being on the local network. There is not any exploit available.

vuldb.com

CVE-2023-23915 | cURL HSTS cleartext transmission

Vuldb Updates

1 day 5 hours ago

A vulnerability was found in cURL. It has been classified as problematic. The affected element is an unknown function of the component HSTS Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is listed as CVE-2023-23915. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

vuldb.com

CVE-2023-1333 | RapidLoad Power-Up for Autoptimize Plugin up to 1.7.1 on WordPress clear_page_cache authorization (ID 2877726)

Vuldb Updates

1 day 5 hours ago

A vulnerability classified as problematic has been found in RapidLoad Power-Up for Autoptimize Plugin up to 1.7.1 on WordPress. Affected by this vulnerability is the function clear_page_cache. This manipulation causes missing authorization. The identification of this vulnerability is CVE-2023-1333. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2023-33498 | alist up to 3.16.3 unrestricted upload (EUVD-2023-1819)

Vuldb Updates

1 day 5 hours ago

A vulnerability labeled as critical has been found in alist up to 3.16.3. This affects an unknown part. The manipulation results in unrestricted upload. This vulnerability is cataloged as CVE-2023-33498. The attack must originate from the local network. There is no exploit available.

vuldb.com

CVE-2023-47240 | Codeboxr CBX Map for Google Map & OpenStreetMap Plugin up to 1.1.11 on WordPress cross site scripting

Vuldb Updates

1 day 5 hours ago

A vulnerability was found in Codeboxr CBX Map for Google Map & OpenStreetMap Plugin up to 1.1.11 on WordPress. It has been declared as problematic. Affected by this issue is some unknown functionality. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2023-47240. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2021-35942 | GNU C Library up to 2.33 posix/wordexp.c parse_param memory corruption (Nessus ID 247768)

Vuldb Updates

1 day 5 hours ago

A vulnerability classified as critical was found in GNU C Library up to 2.33. This impacts the function parse_param of the file posix/wordexp.c. Executing a manipulation can lead to memory corruption. This vulnerability is tracked as CVE-2021-35942. The attack is only possible within the local network. No exploit exists. It is advisable to implement a patch to correct this issue.

vuldb.com

CVE-2023-27533 | cURL up to 7.x Telnet Protocol special elements into a different plane (special element injection) (FEDORA-2023-7e7414e64d / Nessus ID 215959)

Vuldb Updates

1 day 5 hours ago

A vulnerability was found in cURL up to 7.x. It has been declared as problematic. This affects an unknown function of the component Telnet Protocol Handler. Executing a manipulation can lead to failure to sanitize special elements into a different plane (special element injection). This vulnerability is registered as CVE-2023-27533. The attack requires access to the local network. No exploit is available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-31726 | AList 3.15.1 information disclosure (EUVD-2023-36017)

Vuldb Updates

1 day 5 hours ago

A vulnerability classified as problematic has been found in AList 3.15.1. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is documented as CVE-2023-31726. The attack requires being on the local network. There is not any exploit available.

vuldb.com

CVE-2024-25699 | Esri Portal for ArcGIS up to 11.2 improper authentication

Vuldb Updates

1 day 5 hours ago

A vulnerability was found in Esri Portal for ArcGIS up to 11.2 and classified as critical. Impacted is an unknown function. Executing a manipulation can lead to improper authentication. This vulnerability is handled as CVE-2024-25699. The attack can be executed remotely. There is not any exploit available.

vuldb.com

The Gentleman

Dark Feed IO

1 day 5 hours ago

You must login to view this content

cohenido

SLH

Dark Feed IO

1 day 5 hours ago

You must login to view this content

cohenido

Is Agentic AI driven security scalable for large enterprises?

Security Boulevard

1 day 5 hours ago

How Can Non-Human Identities (NHIs) Transform Scalable Security for Large Enterprises? One might ask: how can large enterprises ensure scalable security without compromising on efficiency and compliance? The answer lies in the effective management of Non-Human Identities (NHIs) and secrets security management. With machine identities, NHIs are pivotal in crafting a robust security framework, especially […]

The post Is Agentic AI driven security scalable for large enterprises? appeared first on Entro.

The post Is Agentic AI driven security scalable for large enterprises? appeared first on Security Boulevard.

Alison Mack

What future-proof methods do Agentic AIs use in data protection?

Security Boulevard

1 day 5 hours ago

How Secure Is Your Organization’s Cloud Environment? How secure is your organization’s cloud environment? With the digital transformation accelerates, gaps in security are becoming increasingly noticeable. Non-Human Identities (NHIs), representing machine identities, are pivotal in these frameworks. In cybersecurity, they are formed by integrating a ‘Secret’—like an encrypted password or key—and the permissions allocated by […]

The post What future-proof methods do Agentic AIs use in data protection? appeared first on Entro.

The post What future-proof methods do Agentic AIs use in data protection? appeared first on Security Boulevard.

Alison Mack

How can cloud-native security be transformed by Agentic AI?

Security Boulevard

1 day 5 hours ago

How do Non-Human Identities Shape the Future of Cloud Security? Have you ever wondered how machine identities influence cloud security? Non-Human Identities (NHIs) are crucial for maintaining robust cybersecurity frameworks, especially in cloud environments. These identities demand a sophisticated understanding, when they are essential for secure interactions between machines and their environments. The Critical Role […]

The post How can cloud-native security be transformed by Agentic AI? appeared first on Entro.

The post How can cloud-native security be transformed by Agentic AI? appeared first on Security Boulevard.

Alison Mack

How do NHIs add value to cloud compliance auditing?

Security Boulevard

1 day 5 hours ago

What Makes Non-Human Identities Essential for Cloud Compliance Auditing? With cybersecurity threats evolve, how can organizations ensure their compliance measures are robust enough to handle the complexities of modern cloud environments? The answer lies in understanding and managing Non-Human Identities (NHIs)—a crucial component for establishing a secure and compliant framework in cloud computing. Understanding NHIs: […]

The post How do NHIs add value to cloud compliance auditing? appeared first on Entro.

The post How do NHIs add value to cloud compliance auditing? appeared first on Security Boulevard.

Alison Mack

Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities

darkreading

1 day 5 hours ago

Zscaler's acquisition of SquareX comes as competitors like CrowdStrike and Palo Alto Networks are also investing in secure browser technologies.

Jeffrey Schwartz

CVE-2025-38654 | Linux Kernel up to 6.15.9/6.16.0 devm_pinctrl_register uninitialized pointer (Nessus ID 276629 / WID-SEC-2025-1898)

Vuldb Updates

1 day 5 hours ago

A vulnerability described as critical has been identified in Linux Kernel up to 6.15.9/6.16.0. This impacts the function devm_pinctrl_register. Executing a manipulation can lead to uninitialized pointer. This vulnerability appears as CVE-2025-38654. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is recommended.

vuldb.com

CVE-2025-38655 | Linux Kernel up to 6.15.9/6.16.0 pinctrl of_get_property null pointer dereference (Nessus ID 276629 / WID-SEC-2025-1898)

Vuldb Updates

1 day 5 hours ago

A vulnerability classified as critical has been found in Linux Kernel up to 6.15.9/6.16.0. This affects the function of_get_property of the component pinctrl. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2025-38655. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-38656 | Linux Kernel wifi iwl_op_mode_dvm_start use after free (WID-SEC-2025-1898)

Vuldb Updates

1 day 5 hours ago

A vulnerability classified as critical was found in Linux Kernel. This vulnerability affects the function iwl_op_mode_dvm_start of the component wifi. Such manipulation leads to use after free. This vulnerability is traded as CVE-2025-38656. Access to the local network is required for this attack to succeed. There is no exploit available. Applying a patch is advised to resolve this issue.

vuldb.com

Aggregator

Managed ad