Aggregator
Content Credentials Technology Verifies Image, Video Authenticity
1 year 5 months ago
The open technology, which tackles disinformation, has gained steam in the past year, surpassing 500 corporate members and continuing to evolve.
Robert Lemos, Contributing Writer
DEF CON 32 – ICS 101
1 year 5 months ago
Authors/Presenters: Bryson Bort, Tom VanNorman
-
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – ICS 101 appeared first on Security Boulevard.
Marc Handelman
CVE-2024-6097 | Progress Telerik Reporting prior 19.0.25.211 absolute path traversal
1 year 5 months ago
A vulnerability classified as problematic was found in Progress Telerik Reporting 10.2.24.924/18.0.24.130/18.1.24.2.514/18.1.24.709/18.2.24.924. Affected by this vulnerability is an unknown functionality. The manipulation leads to absolute path traversal.
This vulnerability is known as CVE-2024-6097. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-25343 | Tenda AC6 15.03.05.16 formexeCommand buffer overflow
1 year 5 months ago
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function formexeCommand. The manipulation leads to buffer overflow.
This vulnerability is traded as CVE-2025-25343. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-11343 | Progress Telerik Document Processing Libraries 2024.4.1106 path traversal
1 year 5 months ago
A vulnerability was found in Progress Telerik Document Processing Libraries 2024.4.1106. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to path traversal.
The identification of this vulnerability is CVE-2024-11343. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-0937 | HashiCorp Nomad/Nomad Enterprise up to 1.9.5 ACL Policy authorization
1 year 5 months ago
A vulnerability was found in HashiCorp Nomad and Nomad Enterprise up to 1.9.5. It has been declared as critical. This vulnerability affects unknown code of the component ACL Policy. The manipulation leads to incorrect authorization.
This vulnerability was named CVE-2025-0937. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-46910 | Apache Atlas up to 2.3.0 cross site scripting
1 year 5 months ago
A vulnerability was found in Apache Atlas up to 2.3.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-46910. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-25744 | D-Link DIR-853 A1 1.20B07 SetDynamicDNSSettings Module Password stack-based overflow
1 year 5 months ago
A vulnerability was found in D-Link DIR-853 A1 1.20B07 and classified as critical. Affected by this issue is some unknown functionality of the component SetDynamicDNSSettings Module. The manipulation of the argument Password leads to stack-based buffer overflow.
This vulnerability is handled as CVE-2025-25744. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-25743 | D-Link DIR-853 A1 1.20B07 SetVirtualServerSettings Module command injection
1 year 5 months ago
A vulnerability, which was classified as critical, was found in D-Link DIR-853 A1 1.20B07. Affected is an unknown function of the component SetVirtualServerSettings Module. The manipulation leads to command injection.
This vulnerability is traded as CVE-2025-25743. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-25741 | D-Link DIR-853 A1 1.20B07 SetIPv6PppoeSettings Module IPv6_PppoePassword stack-based overflow
1 year 5 months ago
A vulnerability has been found in D-Link DIR-853 A1 1.20B07 and classified as critical. Affected by this vulnerability is an unknown functionality of the component SetIPv6PppoeSettings Module. The manipulation of the argument IPv6_PppoePassword leads to stack-based buffer overflow.
This vulnerability is known as CVE-2025-25741. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-25746 | D-Link DIR-853 A1 1.20B07 SetWanSettings Module Password stack-based overflow
1 year 5 months ago
A vulnerability, which was classified as critical, has been found in D-Link DIR-853 A1 1.20B07. This issue affects some unknown processing of the component SetWanSettings Module. The manipulation of the argument Password leads to stack-based buffer overflow.
The identification of this vulnerability is CVE-2025-25746. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-25742 | D-Link DIR-853 A1 1.20B07 SetSysEmailSettings Module AccountPassword stack-based overflow
1 year 5 months ago
A vulnerability classified as critical was found in D-Link DIR-853 A1 1.20B07. This vulnerability affects unknown code of the component SetSysEmailSettings Module. The manipulation of the argument AccountPassword leads to stack-based buffer overflow.
This vulnerability was named CVE-2025-25742. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-25182 | gchq stroom up to 7.2.23/7.3-beta.21/7.4.3/7.5-beta.1 authentication spoofing (GHSA-x489-xx2m-vc43)
1 year 5 months ago
A vulnerability classified as critical has been found in gchq stroom up to 7.2.23/7.3-beta.21/7.4.3/7.5-beta.1. This affects an unknown part. The manipulation leads to authentication bypass by spoofing.
This vulnerability is uniquely identified as CVE-2025-25182. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-12629 | Progress Telerik KendoReact up to 9.4.0 prototype pollution
1 year 5 months ago
A vulnerability was found in Progress Telerik KendoReact up to 9.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution').
This vulnerability is handled as CVE-2024-12629. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-11629 | Progress Telerik Document Processing Libraries 2024.4.1106 .NET Standard 2.0 file access
1 year 5 months ago
A vulnerability was found in Progress Telerik Document Processing Libraries 2024.4.1106. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component .NET Standard 2.0. The manipulation leads to files or directories accessible.
This vulnerability is known as CVE-2024-11629. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-11628 | Progress Telerik Kendo UI for Vue up to 6.0.1 prototype pollution (tion-2024-11628)
1 year 5 months ago
A vulnerability was found in Progress Telerik Kendo UI for Vue up to 6.0.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution').
This vulnerability is traded as CVE-2024-11628. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel
1 year 5 months ago
Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel, a Trump administration source told CNN. The New York Times first reported that Alexander Vinnik, a Russian money laundering suspect, is being released from U.S. custody in exchange for Marc Fogel, according to a Trump administration source. Alexander Vinnik, a […]
Pierluigi Paganini
Feds Sanction Russian Hosting Provider for Supporting LockBit Attacks
1 year 5 months ago
US, UK, and Australian law enforcement have targeted a company called Zservers (and two of its administrators) for providing bulletproof hosting services to the infamous ransomware gang.
Elizabeth Montalbano, Contributing Writer
大规模物联网数据泄露事件曝光27亿条记录,包含Wi-Fi密码
1 year 5 months ago
大规模物联网数据泄露事件曝光27亿条记录,包含Wi-Fi密码,涉及全球设备用户,严重危及网络安全,呼吁立即采取措施保护敏感数据。