Aggregator

CVE-2025-54480 | Biosig libbiosig 3.9.0 MFER Parser biosig.c stack-based overflow (TALOS-2025-2234 / EUVD-2025-25683)

Vuldb Updates
5 months 3 weeks ago
A vulnerability was found in Biosig libbiosig 3.9.0. It has been declared as critical. This issue affects some unknown processing of the file biosig.c of the component MFER Parser. Executing manipulation can lead to stack-based buffer overflow. This vulnerability is tracked as CVE-2025-54480. The attack can be launched remotely. No exploit exists.
vuldb.com

CVE-2025-54487 | Biosig libbiosig 3.9.0 MFER Parser biosig.c stack-based overflow (TALOS-2025-2234 / EUVD-2025-25676)

Vuldb Updates
5 months 3 weeks ago
A vulnerability marked as critical has been reported in Biosig libbiosig 3.9.0. Affected by this issue is some unknown functionality of the file biosig.c of the component MFER Parser. The manipulation leads to stack-based buffer overflow. This vulnerability is documented as CVE-2025-54487. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

Fake Google Play Store Websites Deliver Potent RAT to Steal Sensitive Data

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
5 months 3 weeks ago

Cybersecurity researchers have uncovered a persistent campaign deploying the AndroidOS SpyNote malware, a sophisticated Remote Access Trojan (RAT) designed for surveillance, data exfiltration, and remote device control. This operation mimics legitimate Google Play Store pages for popular Android apps, tricking users into downloading malicious APK files. The campaign, linked to the same threat actor previously […]

The post Fake Google Play Store Websites Deliver Potent RAT to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure

Cyber Security News
5 months 3 weeks ago

In recent months, cybersecurity researchers have observed a surge in targeted campaigns by a sophisticated Chinese APT group leveraging commercial proxy and VPN services to mask their attack infrastructure. The emergence of this tactic coincides with a broader shift toward commoditized anonymization platforms that blend threat actor traffic with legitimate user activity. Initial compromise vectors […]

The post Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2025-56215 | PHPGurukul Hospital Management System 4.0 contact.php pagetitle sql injection

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been rated as critical. The affected element is an unknown function of the file contact.php. This manipulation of the argument pagetitle causes sql injection. The identification of this vulnerability is CVE-2025-56215. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-56214 | PHPGurukul Hospital Management System 4.0 index.php Username sql injection

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Impacted is an unknown function of the file index.php. The manipulation of the argument Username results in sql injection. This vulnerability was named CVE-2025-56214. The attack may be performed from a remote location. There is no available exploit.
vuldb.com

CVE-2025-50900 | Rebuild 4.0.4 com.rebuild.web.RebuildWebinterceptor/ preHandle access control

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability was found in Rebuild 4.0.4. It has been classified as critical. This issue affects the function preHandle of the component com.rebuild.web.RebuildWebinterceptor/. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-50900. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

Managed ad