Aggregator
CVE-2025-3473 | IBM Security Guardium 12.1 insecure inherited permissions (EUVD-2025-18122)
3 months 1 week ago
A vulnerability has been found in IBM Security Guardium 12.1 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to insecure inherited permissions.
This vulnerability is known as CVE-2025-3473. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48447 | Lightgallery up to 1.5.x on Drupal cross site scripting (sa-contrib-2025-069 / EUVD-2025-18123)
3 months 1 week ago
A vulnerability, which was classified as problematic, was found in Lightgallery up to 1.5.x on Drupal. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2025-48447. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48013 | Quick Node Block up to 1.x on Drupal authorization (sa-contrib-2025-065 / EUVD-2025-18109)
3 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Quick Node Block up to 1.x on Drupal. This issue affects some unknown processing. The manipulation leads to missing authorization.
The identification of this vulnerability is CVE-2025-48013. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48446 | Commerce Alphabank Redirect up to 1.0.2 on Drupal authorization (sa-contrib-2025-067 / EUVD-2025-18126)
3 months 1 week ago
A vulnerability classified as critical was found in Commerce Alphabank Redirect up to 1.0.2 on Drupal. This vulnerability affects unknown code. The manipulation leads to incorrect authorization.
This vulnerability was named CVE-2025-48446. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-4605 | Autodesk USD for Maya/USD for 3ds Max/Maya usdc File memory allocation
3 months 1 week ago
A vulnerability was found in Autodesk USD for Maya, USD for 3ds Max and Maya. It has been rated as problematic. Affected by this issue is some unknown functionality of the component usdc File Handler. The manipulation leads to uncontrolled memory allocation.
This vulnerability is handled as CVE-2025-4605. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-0163 | IBM Security Verify Access up to 10.0.8 observable response discrepancy (EUVD-2025-18121)
3 months 1 week ago
A vulnerability classified as problematic has been found in IBM Security Verify Access and Security Verify Access Docker up to 10.0.8. This affects an unknown part. The manipulation leads to observable response discrepancy.
This vulnerability is uniquely identified as CVE-2025-0163. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48444 | Quick Node Block up to 1.x on Drupal authorization (sa-contrib-2025-064 / EUVD-2025-18110)
3 months 1 week ago
A vulnerability was found in Quick Node Block up to 1.x on Drupal. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authorization.
This vulnerability is known as CVE-2025-48444. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-6002 | VirtueMart up to 4.4.9 Product Image Section unrestricted upload (EUVD-2025-18127)
3 months 1 week ago
A vulnerability was found in VirtueMart up to 4.4.9. It has been classified as critical. Affected is an unknown function of the component Product Image Section. The manipulation leads to unrestricted upload.
This vulnerability is traded as CVE-2025-6002. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48445 | Commerce Eurobank up to 2.1.0 on Drupal authorization (sa-contrib-2025-066 / EUVD-2025-18125)
3 months 1 week ago
A vulnerability was found in Commerce Eurobank up to 2.1.0 on Drupal and classified as critical. This issue affects some unknown processing. The manipulation leads to incorrect authorization.
The identification of this vulnerability is CVE-2025-48445. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48448 | Admin Audit Trail up to 1.0.4 on Drupal allocation of resources (sa-contrib-2025-068 / EUVD-2025-18124)
3 months 1 week ago
A vulnerability has been found in Admin Audit Trail up to 1.0.4 on Drupal and classified as problematic. This vulnerability affects unknown code. The manipulation leads to allocation of resources.
This vulnerability was named CVE-2025-48448. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
How Amazon Web Services uses AI to be a security ‘force multiplier’
3 months 1 week ago
Amazon CSO Stephen Schmidt says AI is transforming the way the company does security reviews and incident response.
The post How Amazon Web Services uses AI to be a security ‘force multiplier’ appeared first on CyberScoop.
Greg Otto
美国众议院金融服务委员会推进加密货币 CLARITY 法案
3 months 1 week ago
安全客
德克萨斯州警告30万份事故报告通过受影响的用户帐户窃取
3 months 1 week ago
安全客
一道国际赛题洞悉块加密的差分攻击
3 months 1 week ago
UMDCTF-2025有这么一题,运用了ARX密码差分攻击
Adobe 发布补丁修复 254 个漏洞,填补高严重性安全漏洞
3 months 1 week ago
安全客
Linux стал расходовать больше энергии? Вы не одни — но теперь всё исправлено
3 months 1 week ago
Разработчики откатили опасное изменение в ядре.
德克萨斯州交通部 (TxDOT) 数据泄露事件暴露了 30 万份车祸报告
3 months 1 week ago
安全客
Securonix Acquires Threat Intelligence Firm ThreatQuotient
3 months 1 week ago
The deal will combine Securonix's security information and event management (SIEM) platform with ThreatQuotient's threat detection and incident response (TDIR) offering to build an all-in-one security operations stack.
Jeffrey Schwartz
CVE-2025-46873 | Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48 / Nessus ID 238053)
3 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Adobe Experience Manager up to 6.5.22. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2025-46873. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com