Aggregator

By focusing on vigilant security practices, responsible AI deployment, and alignment with global regulatory standards, the OSS community can make 2025 a transformative year for security.

A vulnerability, which was classified as problematic, has been found in CloudBees Jenkins 1.523. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2013-5573. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Miloš Đekić Inline Tweets Plugin up to 2.0 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-22570. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in grandslambert Featured Page Widget Plugin up to 2.2 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-22569. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Anshul Sojatia Scan External Links Plugin up to 1.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-22583. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in OFFIS DCMTK 3.6.8. This affects the function nowindow of the component DICOM File Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2024-47796. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in OFFIS DCMTK 3.6.8. Affected by this issue is the function determineMinMax of the component DICOM File Handler. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-52333. The attack may be launched remotely. There is no exploit available.

A Threat Actor Claims to be Selling Access to an Unidentified Netherlands Company

A vulnerability, which was classified as critical, was found in CE Phoenix 1.0.8.20. Affected is an unknown function of the file /admin/define_language.php. The manipulation leads to injection. This vulnerability is traded as CVE-2024-25415. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Darktrace Threat Visualizer up to 6.1.27. Affected by this vulnerability is an unknown functionality of the component Main Page. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-22854. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in URLite 3.1.0. This affects the function parsing. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-51931. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability has been found in Luxion KeyShot Viewer 12.1.1.11 and classified as critical. Affected by this vulnerability is an unknown functionality of the component KSP File Parser. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-0412. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in liujianview gymxmjpa 1.0. It has been rated as critical. Affected by this issue is the function LoosDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/LoosController.java. The manipulation of the argument loosName leads to sql injection. This vulnerability is handled as CVE-2025-0408. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in liujianview gymxmjpa 1.0. This affects the function MembertypeDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/MembertypeController.java. The manipulation of the argument typeName leads to sql injection. This vulnerability is uniquely identified as CVE-2025-0409. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in liujianview gymxmjpa 1.0. This vulnerability affects the function MenberDaoInpl of the file src/main/java/com/liujian/gymxmjpa/controller/MenberConntroller.java. The manipulation of the argument hyname leads to sql injection. This vulnerability was named CVE-2025-0410. The attack can be initiated remotely. Furthermore, there is an exploit available.

2025 年将是网络安全防御史上最具挑战性的一年，人工智能、地缘政治不稳定和不断演变的攻击面交汇，呈现出更加复 […]

A vulnerability was found in Facebook ParlAI up to 1.0.x. It has been rated as critical. This issue affects some unknown processing of the component YAML Handler. The manipulation leads to deserialization. The identification of this vulnerability is CVE-2021-24040. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Простое научное открытие сделало классическое блюдо доступнее.

This is a news item roundup of privacy or privacy-related news