Aggregator

Submit #475255 / VDB-291933

Submit #475254 / VDB-291932

Submit #475249 / VDB-291931

Submit #475247 / VDB-291930

Submit #475245 / VDB-291929

Submit #475240 / VDB-291928

Submit #475237 / VDB-291927

A vulnerability, which was classified as problematic, has been found in Google Chrome. Affected by this issue is some unknown functionality of the component Extensions. The manipulation leads to clickjacking. This vulnerability is handled as CVE-2025-0446. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Google Chrome. Affected by this vulnerability is an unknown functionality of the component Navigation. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2025-0447. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

波兰数字游戏平台 GOG 宣布加入欧洲最大的游戏保存组织 European Federation of Game Archives, Museums, and Preservation Projects (EFGAMP)。该组织的成员包括了VIGAMUS — The Video Game Museum in Rome, MO5.COM in France、Computerspielemuseum in Berlin、The Netherlands Institute for Sound & Vision 和 Embracer Games Archive 等等，该组织致力于将游戏作为文化遗产加以保护。GOG 去年 12 月宣布了 GOG Preservation Program，确保经典游戏能在新一代操作系统上正常运行。GOG 董事总经理 Maciej Gołębiewski 表示该平台在成立之初就将游戏保存作为其核心使命之一。

A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2025-0481. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. "Attackers can take control of a malicious server and read/write arbitrary files of any connected client," the CERT Coordination Center (CERT/CC) said in an advisory. "Sensitive data, such as SSH keys,

Submit #475011 / VDB-291924

A vulnerability was found in Google Chrome. It has been rated as problematic. This issue affects some unknown processing of the component Compositing. The manipulation leads to clickjacking. The identification of this vulnerability is CVE-2025-0448. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Moxa MGate 5121, MGate 5122 and MGate 5123 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Login Message Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-0193. The attack can be initiated remotely. There is no exploit available.

Every ticking second is a chance for cyber threats to creep in.  For businesses, the stakes couldn’t be higher. One malicious email opened by an employee, and the malware can spread across office computers faster than mushrooms after rain. The consequences? Lost data, financial damage, and a hit to your company’s reputation.  To stop these […]

The post YARA Rules: Cyber Threat Detection Tool for Modern Cybersecurity appeared first on ANY.RUN's Cybersecurity Blog.

A vulnerability was found in Google Chrome. It has been classified as critical. This affects an unknown part of the component Extensions. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2025-0443. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Тысячи корпоративных сетей оказались беззащитны перед критической уязвимостью.