Aggregator

A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack

A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this issue is the function sub_65B5C. The manipulation of the argument wanSpeed leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-71019. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Tenda AX1806 1.0.0.1. Affected by this vulnerability is the function sub_65B5C. Executing a manipulation of the argument cloneType can lead to stack-based buffer overflow. This vulnerability appears as CVE-2025-70744. The attack may be performed from remote. There is no available exploit.

Спустя два года самый важный компонент Linux стал в разы безопаснее.

Silver Spring, Maryland, January 15th, 2026, CyberNewsWire Aembit today announced the agenda and speaker lineup for NHIcon 2026: The Rise of Agentic AI Security, a virtual conference scheduled for Jan. 27. The second-annual event will examine the technical, operational, and security challenges emerging as agentic artificial intelligence systems enter enterprise environments. NHIcon 2026 will feature […]

The post Aembit Announces Agenda and Speaker Lineup for NHIcon 2026 on Agentic AI Security appeared first on Cyber Security News.

McLean, Virginia, United States, 15th January 2026, CyberNewsWire

McLean, Virginia, United States, 15th January 2026, CyberNewsWire

The post AppGuard Critiques AI Hyped Defenses; Expands its Insider Release for its Next-Generation Platform appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, has been found in Revive Adserver up to 6.0.4. Affected is an unknown function of the file afr.php. Performing a manipulation of the argument target results in cross site scripting. This vulnerability is reported as CVE-2026-21664. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Revive Adserver up to 6.0.4. This impacts an unknown function of the file banner-acl.php. Such manipulation of the argument cap/session_capping/time leads to cross site scripting. This vulnerability is documented as CVE-2026-21663. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Revive Adserver up to 6.0.4. This affects an unknown function of the file banner-acl.php. This manipulation of the argument acls[0][executionorder] causes cross site scripting. This vulnerability is registered as CVE-2026-21642. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in Revive Adserver up to 6.0.4. The impacted element is an unknown function of the file tracker-delete.php. The manipulation of the argument clientid results in authorization bypass. This vulnerability is cataloged as CVE-2026-21641. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A data breach at the Netherlands-based company that sells Eurail (Interrail) train passes resulted in the compromise of personal and sensitive information belonging to an as-yet unknown number of travelers. What data was accessed? Eurail B.V. operates on behalf of a consortium of European railway companies, and sells single (usually multi-day) passes that let travelers explore Europe by train without having to buy individual tickets. The company acknowledged the breach with a public statement on … More →

The post Sensitive data of Eurail, Interrail travelers compromised in data breach appeared first on Help Net Security.

A vulnerability marked as problematic has been reported in SICK Incoming Goods Suite up to 1.2.0. The affected element is an unknown function. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-22637. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in SICK Incoming Goods Suite up to 1.2.0. Impacted is an unknown function of the component Content-Security-Policy Handler. Executing a manipulation can lead to cross site scripting. This vulnerability is tracked as CVE-2026-22638. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in SICK TDC-X401GL. This issue affects some unknown processing. Performing a manipulation results in use of weak credentials. This vulnerability is identified as CVE-2026-22920. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as problematic has been discovered in SICK TDC-X401GL up to 1.4.x. This vulnerability affects unknown code. Such manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2026-22919. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in SICK TDC-X401GL. It has been rated as problematic. This affects an unknown part. This manipulation causes exposure of sensitive system information to an unauthorized control sphere. The identification of this vulnerability is CVE-2026-22915. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in SICK TDC-X401GL up to 1.4.x. It has been declared as problematic. Affected by this issue is some unknown functionality of the component URL Parameter Handler. The manipulation results in cross site scripting. This vulnerability was named CVE-2026-22913. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in SICK TDC-X401GL up to 1.3.x. It has been classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect privilege assignment. This vulnerability is uniquely identified as CVE-2026-22907. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in SICK TDC-X401GL up to 1.4.x and classified as problematic. Affected is an unknown function of the component System Endpoint. Executing a manipulation can lead to allocation of resources. This vulnerability is handled as CVE-2026-22917. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.