Aggregator

CVE-2025-5268 | Mozilla Thunderbird up to 138 memory corruption (Nessus ID 237297)

VulDB Recent Entries
8 months 2 weeks ago
A vulnerability was found in Mozilla Thunderbird up to 138. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-5268. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-5266 | Mozilla Firefox up to 138 cross-domain policy (Nessus ID 237297)

VulDB Recent Entries
8 months 2 weeks ago
A vulnerability was found in Mozilla Firefox up to 138 and classified as problematic. This issue affects some unknown processing. The manipulation leads to permissive cross-domain policy with untrusted domains. The identification of this vulnerability is CVE-2025-5266. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

New MCP server from groundcover redefines LLM observability

Help Net Security
8 months 2 weeks ago

A new MCP server, faster than any other on the market, is launching today from groundcover, the eBPF-driven observability platform. Developers can now enhance their AI-driven workflows with deep system context, powered by groundcover’s granular access to logs, metrics, and traces via eBPF. “AI is transforming software development and enabling teams to move faster than ever – but to ensure accuracy and reliability, AI needs the same deep context developers rely on,” said Orr Benjamin, … More →

The post New MCP server from groundcover redefines LLM observability appeared first on Help Net Security.

Industry News

Protecting Firewall Capacity from DDoS and Other Threats

Netscout
8 months 2 weeks ago
Firewalls are important network devices for security and other applications. They help filter traffic based on specific criteria to prevent illegitimate users from accessing the network. They are not, however, designed specifically for distributed denial-of-service (DDoS) protection. Many networks suffer from...
Brad Christian

CVE-2024-34048 | O-RAN RIC I-Release e2mgr E2nodeConfigUpdateNotificationHandler array index

Vuldb Updates
8 months 2 weeks ago
A vulnerability was found in O-RAN RIC I-Release e2mgr. It has been declared as critical. Affected by this vulnerability is the function E2nodeConfigUpdateNotificationHandler. The manipulation leads to improper validation of array index. This vulnerability is known as CVE-2024-34048. The attack needs to be done within the local network. There is no exploit available.
vuldb.com

CVE-2016-6599 | BMC Track-It! up to 11.4 HF2 ConfigurationService Credentials credentials management (ID 146110 / EDB-43883)

Vuldb Updates
8 months 2 weeks ago
A vulnerability was found in BMC Track-It! up to 11.4 HF2. It has been classified as problematic. Affected is an unknown function of the component ConfigurationService. The manipulation leads to credentials management (Credentials). This vulnerability is traded as CVE-2016-6599. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Vulnerabilities found in NASA’s open source software

Help Net Security
8 months 2 weeks ago

Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec credentials include founding and leading DefenseCode, is no stranger NASA: in 2009, he discovered and reported a number of serious vulnerabilities in NASA’s Common Data Format (CDF) software library, which ended up getting fixed by the developers. His latest probing of … More →

The post Vulnerabilities found in NASA’s open source software appeared first on Help Net Security.

Zeljka Zorz

CVE-2024-50672 | Adapt Learning Adapt Authoring Tool up to 0.11.3 Mongoose find sql injection (EDB-52208)

Vuldb Updates
8 months 2 weeks ago
A vulnerability was found in Adapt Learning Adapt Authoring Tool up to 0.11.3. It has been classified as critical. Affected is the function find of the component Mongoose. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-50672. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad