Aggregator

A vulnerability was found in Tenda CH22 1.0.0.1. It has been declared as critical. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. This vulnerability appears as CVE-2025-9748. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in Mojoomla School Management Plugin up to 1.93.1 on WordPress. It has been classified as critical. Affected by this vulnerability is an unknown functionality. Performing manipulation results in unrestricted upload. This vulnerability is reported as CVE-2025-31100. The attack is possible to be carried out remotely. No exploit exists.

Submit #640488 / VDB-322050

Submit #640422 / VDB-322049

Суд установил: компания скрыла данные, которые позже восстановил хакер.

A vulnerability, which was classified as critical, has been found in Apple iOS and iPadOS. This impacts an unknown function of the component Video File Handler. Performing manipulation results in memory corruption. This vulnerability is known as CVE-2024-44233. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Apple visionOS. This affects an unknown function of the component Video File Handler. Such manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-44233. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability labeled as critical has been found in Apple iOS and iPadOS. This issue affects some unknown processing of the component Video File Handler. Executing manipulation can lead to memory corruption. This vulnerability is registered as CVE-2024-44232. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability marked as critical has been reported in Apple tvOS. Impacted is an unknown function of the component Video File Handler. The manipulation leads to memory corruption. This vulnerability is documented as CVE-2024-44232. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Apple watchOS. The affected element is an unknown function of the component Video File Handler. The manipulation results in memory corruption. This vulnerability is reported as CVE-2024-44232. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Apple macOS. The impacted element is an unknown function of the component Video File Handler. This manipulation causes memory corruption. This vulnerability appears as CVE-2024-44233. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability identified as problematic has been detected in Apple macOS up to 15.0. This impacts an unknown function of the component Login Window. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2024-44231. It is possible to launch the attack on the physical device. No exploit exists. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Apple macOS. This affects an unknown part of the component Video File Handler. Such manipulation leads to memory corruption. This vulnerability is listed as CVE-2024-44232. The attack may be performed from a remote location. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in Apple visionOS. This vulnerability affects unknown code of the component Video File Handler. Performing manipulation results in memory corruption. This vulnerability is cataloged as CVE-2024-44232. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Apple visionOS. It has been declared as problematic. This affects an unknown function of the component Browsing History Handler. The manipulation results in information disclosure. This vulnerability is identified as CVE-2024-44229. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS. It has been rated as problematic. This impacts an unknown function of the component Browsing History Handler. This manipulation causes information disclosure. This vulnerability is tracked as CVE-2024-44229. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is advised.

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for earlier this month, Censys has warned. Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) CVE-2025-48384, a recently patched vulnerability in the … More →

The post Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw appeared first on Help Net Security.

- 杰克韦尔奇自传 - Working: Researching, Interviewing, Writing - 一桶高能量 - The Talented Mr. Ripley - 组织行为学 - 长安日记 推荐的书： - 20250802 看完《杰克韦尔奇自传》，挺平实的，但想学真挺难 - 20250805 看完 Working: Researching, Interviewing, Writing，惊诧于他的“慢”，也记下了他记住的 Trun Every Page

Google is officially preparing to enter the blockchain market — not with an experimental service, but with its

The post Google’s Secret Weapon: A New Layer 1 Blockchain for Finance appeared first on Penetration Testing Tools.

A vulnerability classified as problematic was found in keylime. The impacted element is an unknown function of the component Registrar Handler. Such manipulation leads to denial of service. This vulnerability is traded as CVE-2023-38200. Access to the local network is required for this attack to succeed. There is no exploit available.