Aggregator

A vulnerability, which was classified as problematic, has been found in Y Soft SAFEQ 6 Build 53. This issue affects some unknown processing of the component YSoft SafeQ Web Application. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2022-23861. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Google Chrome. This issue affects some unknown processing of the component V8. The manipulation leads to type confusion. The identification of this vulnerability is CVE-2024-10230. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown function of the component V8. The manipulation leads to type confusion. This vulnerability is traded as CVE-2024-10231. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Правозащитники выявили новые методы цифровой слежки в Сербии.

Cyber threats don’t take a break, and February 2025 proved just that. This month, we saw some serious vulnerabilities that could cause major problems if not patched quickly. From remote...

The post Top CVEs & Vulnerabilities February 2025 appeared first on Strobes Security.

The post Top CVEs & Vulnerabilities February 2025 appeared first on Security Boulevard.

A vulnerability classified as very critical has been found in Radare2 up to 5.9.8. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2025-1864. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Zoho ManageEngine ADSelfService Plus up to 6510. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2025-1723. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

2024年勒索软件攻击激增11%，新组织RansomHub、Fog和Lynx崛起，全球95个组织活跃，网络安全面临严峻挑战。

Palo Alto Networks introduced today Prisma SASE 5G, delivering the functionality and capabilities customers need to stay protected for the future state of mobility and connectivity. The company also announced the expansion of its private 5G collaborations, working with seven industry leaders to deliver end-to-end private 5G security solutions and services designed to protect enterprise 5G deployments. With the rise in digitization, coupled with massive device connectivity, securing 5G connected devices and protecting the data … More →

The post Palo Alto Networks provides AI-powered security to 5G enterprise customers appeared first on Help Net Security.

网络安全等级保护2.0-三级信息系统-物理环境-测评指导书

A vulnerability classified as critical was found in code-projects Police FIR Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Delete Record Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-1187. Attacking locally is a requirement. Furthermore, there is an exploit available.

这一创新工具集成于Gboard，提供更强的反垃圾邮件保护，助力用户管理数字身份。

A vulnerability was found in EventON Plugin up to 3.0.5 on WordPress. It has been classified as problematic. Affected is an unknown function of the file addons of the component Search Field Handler. The manipulation of the argument q leads to cross site scripting. This vulnerability is traded as CVE-2020-29395. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

本文将深入探讨企业云安全中存储桶的常见攻击手法

Meer dan 1.000 Nederlandse militairen doen vanaf vandaag in en rond Noorwegen mee aan de grote NAVO-oefening Joint Viking. Zij bereiden zich op land en vanaf het water voor op het verdedigen van het buurland van Rusland. De komende weken leveren zo’n 10.000 militairen uit meerdere landen een bijdrage.

A vulnerability, which was classified as problematic, was found in itsourcecode Loan Management System 1.0. This affects an unknown part of the component Borrowers Page. The manipulation of the argument lastname/firstname/middlename/address/contact_no/email/tax_id leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-48415. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Camaleon CMS 2.7.5 and classified as problematic. This issue affects some unknown processing. The manipulation of the argument content group name leads to cross site scripting. The identification of this vulnerability is CVE-2024-48652. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in Transients Manager Plugin up to 2.0.6 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-10045. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in WP Shortcodes Plugin up to 7.2.2 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-8500. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Telestream Sentry 6.0.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /?page=reports of the component Reports Page. The manipulation of the argument z leads to cross site scripting. This vulnerability is known as CVE-2024-10276. The attack can be launched remotely. Furthermore, there is an exploit available.