Aggregator
CVE-2025-26700 | Siber Systems RoboForm Password Manager up to 9.7.3 on Android authentication bypass
CVE-2025-1387 | Learning Digital Orca HCM up to 10.x weak authentication
CVE-2025-1388 | Learning Digital Orca HCM up to 10.x unrestricted upload
CVE-2025-1370 | MicroWorld eScan Antivirus 7.0.32 on Linux Autoscan USB epsdaemon sprintf os command injection
CVE-2025-1371 | GNU elfutils 0.192 eu-read readelf.c handle_dynamic_symtab null pointer dereference (Bug 32655)
CVE-2025-1377 | GNU elfutils 0.192 eu-strip strip.c gelf_getsymshndx denial of service (Bug 32673)
CVE-2025-0924 | melapress WP Activity Log Plugin up to 5.2.2 on WordPress cross site scripting
CVE-2025-1372 | GNU elfutils 0.192 eu-readelf readelf.c dump_data_section/print_string_section z/x buffer overflow (Bug 32656)
CVE-2025-0648 | M-Files Server up to 24.11 Database Driver uncaught exception
CVE-2024-12501 | kylephillips Simple Locator Plugin up to 2.0.3 on WordPress Shortcode cross site scripting
CVE-2024-11755 | acewebx IMS Countdown Plugin up to 1.3.4 on WordPress Countdown Post Setting cross site scripting
CVE-2004-1986 | Coppermine Photo Gallery db_input.php Path information disclosure (EDB-24073 / XFDB-16039)
特朗普政府封禁了 Julianne Moore 的儿童书《Freckleface Strawberry》
Госструктуры в осаде: майнеры шифруют трафик и скрываются в системных процессах
CVE-2024-11759 | Bukza Plugin up to 2.0.0 on WordPress Shortcode bukza cross site scripting
Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers
Security researchers have uncovered sophisticated malware targeting WordPress websites, leveraging hidden backdoors to enable remote code execution (RCE). These attacks exploit vulnerabilities in WordPress core features and plugins, allowing hackers to gain unauthorized access, execute arbitrary code, and maintain control over compromised sites. The findings highlight the critical need for robust security measures in WordPress […]
The post Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
8 - CVE-2024-7014
Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB
A critical security vulnerability in Xerox’s Versalink C7025 Multifunction Printer (MFP) has been uncovered, exposing enterprise networks to credential theft and lateral attacks. The flaw, discovered by Rapid7 Principal IoT Researcher Deral Heiland, enables malicious actors to intercept Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) authentication data through pass-back attacks. The vulnerabilities, […]
The post Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
New XCSSET Malware Targets macOS Users Through Infected Xcode Projects
Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking its first update since 2022. This sophisticated malware continues to target macOS users by infecting Xcode projects, a critical tool for Apple developers. The latest variant introduces advanced obfuscation techniques, updated persistence mechanisms, and novel infection strategies, making it more challenging […]
The post New XCSSET Malware Targets macOS Users Through Infected Xcode Projects appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.