Aggregator

The Cybersecurity and Infrastructure Security Agency's role in risk management needs to expand, not shrink.

Data Leak of DeBoleto Ticketing Platform Reported on Dark Web

Осторожно: аферисты активизировались перед праздниками.

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_state.php. The manipulation of the argument state_id leads to sql injection. This vulnerability is known as CVE-2025-2054. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /visitor-detail.php. The manipulation of the argument editid leads to sql injection. This vulnerability is traded as CVE-2025-2053. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /forgot-password.php. The manipulation of the argument contactno leads to sql injection. The identification of this vulnerability is CVE-2025-2052. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-visitor.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability was named CVE-2025-2051. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Finder Fire Safety Finder ERP CRM. This affects an unknown part. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2024-12144. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Submit #514346 / VDB-298807

Chainguard modified Cassandra so organizations needing FIPS-approved encryption can finally use it—without risky workarounds or costly custom fixes. Apache Cassandr ia a powerful open-source database used by companies worldwide, but it wasn’t built with FIPS compliance in mind. Why Is This a Big Deal? Cassandra powers mission-critical systems for Netflix, Apple, and even the European […]

The post Chainguard “FIPS” Apache Cassandra  appeared first on Centraleyes.

The post Chainguard “FIPS” Apache Cassandra  appeared first on Security Boulevard.

Когда утечка данных превращается в мощный инструмент противодействия киберугрозам.

A vulnerability, which was classified as problematic, has been found in Finder Fire Safety Finder ERP CRM. Affected by this issue is some unknown functionality. The manipulation leads to improper validation of syntactic correctness of input. This vulnerability is handled as CVE-2024-12146. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. This vulnerability is known as CVE-2025-2050. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #514234 / VDB-298806

Submit #514218 / VDB-298805

Submit #514191 / VDB-298804

A vulnerability classified as problematic has been found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file AB+.php. The manipulation of the argument Bloodname leads to cross site scripting. This vulnerability is traded as CVE-2025-2049. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Smartwares CIP-37210AT and C724IP up to 3.3.0. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2024-13894. It is possible to launch the attack on the local host. There is no exploit available.

Persona announced the next generation of their unified KYC-KYB platform that will combat sophisticated fraud during business onboarding and throughout the business lifecycle. These enhancements deliver insights into both businesses and the individuals behind them, enabling more effective fraud detection compared to traditional single-focus solutions. The rise in business fraud has created significant challenges across industries, from marketplace merchant fraud to fintech application fraud. According to the FTC, business identity theft has reached unprecedented levels, … More →

The post Persona combats fraud during business onboarding appeared first on Help Net Security.