Aggregator

New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. [...]

Currently trending CVE - hypeScore: 1 - An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could

Currently trending CVE - hypeScore: 1 - Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

Currently trending CVE - hypeScore: 1

Currently trending CVE - hypeScore: 1 - A vulnerability classified as critical has been found in TOTOLINK X18 9.1.0cu.2024_B20220329. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation as part of String leads to stack-based buffer overflow. It is possible to launch the attack rem

Currently trending CVE - hypeScore: 2 - The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through 2024 ships with default credentials (username freedom, password viscount). The administrator is not prompted to change these credentials on initial configuration, and changing the cr

Currently trending CVE - hypeScore: 2 - An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an

A report by cybersecurity firm Hudson Rock says hundreds of computers from the U.S. Army and Navy and defense contractors like Honeywell and Boeing are infected with infostealer malware, endangering the security of the systems and threatening third-party players.

The post US Military, Defense Contractors Infected with Infostealers: Hudson Rock appeared first on Security Boulevard.

Uniek Inc Has Fallen Victim to Cactus Ransomware

A vulnerability was found in GNU grub2. It has been rated as critical. Affected by this issue is the function strcpy of the file fs/hfs.c of the component hfs. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2024-45782. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in GNU grub2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component hfs. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2025-1125. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability was found in GNU grub2. It has been classified as critical. Affected is an unknown function. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2025-0690. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in GNU grub2 and classified as critical. This issue affects the function grub_udf_read_block of the component udf. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2025-0689. Local access is required to approach this attack. There is no exploit available.

A vulnerability has been found in GNU grub2 and classified as critical. This vulnerability affects unknown code of the component romfs. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2025-0686. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as critical, was found in GNU grub2. This affects an unknown part of the component jfs Filesystem Handler. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2025-0685. The attack needs to be approached locally. There is no exploit available.

A vulnerability, which was classified as critical, has been found in GNU grub2. Affected by this issue is some unknown functionality of the component reiserfs. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2025-0684. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability classified as critical was found in GNU grub2. Affected by this vulnerability is an unknown functionality of the component squash4. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2025-0678. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as critical has been found in GNU grub2. Affected is an unknown function of the component UFS. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2025-0677. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in GNU grub2. It has been rated as critical. This issue affects the function grub_net_search_config_file. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2025-0624. The attack can only be done within the local network. There is no exploit available.

A vulnerability was found in GNU grub2. It has been declared as critical. This vulnerability affects unknown code of the component tar Handler. The manipulation leads to integer overflow. This vulnerability was named CVE-2024-45780. The attack needs to be approached locally. There is no exploit available.