Aggregator

Submit #639225 / VDB-321925

A vulnerability was found in OpenText Self Service Password Reset up to 4.8 Patch 2 and classified as critical. Impacted is an unknown function. Such manipulation leads to improper validation of specified quantity in input. This vulnerability is referenced as CVE-2025-5808. It is possible to launch the attack remotely. No exploit is available. Applying a patch is advised to resolve this issue.

Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts. [...]

A vulnerability has been found in SourceCodester Online Book Store 1.0 and classified as critical. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes sql injection. The identification of this vulnerability is CVE-2025-9700. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #639227 / VDB-179448

Submit #639224 / VDB-321924

Submit #639216 / VDB-321923

Submit #639215 / VDB-321920

Submit #639213 / VDB-223217

A vulnerability, which was classified as critical, was found in SourceCodester Online Polling System Code 1.0. This vulnerability affects unknown code of the file /admin/checklogin.php. The manipulation of the argument myusername results in sql injection. This vulnerability was named CVE-2025-9699. The attack may be performed from a remote location. In addition, an exploit is available.

A significant global effort to patch a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices has seen the number of exposed systems drop from approximately 28,200 to 12,400 in just one week. Data from The Shadowserver Foundation, a non-profit dedicated to internet security, reveals a rapid response from administrators worldwide, though thousands […]

The post Citrix Netscaler 0-day RCE Vulnerability Patched – Vulnerable Instances Reduced from 28.2K to 12.4K appeared first on Cyber Security News.

Submit #639209 / VDB-206015

Explore the top automated pentesting tools of 2025. Learn how modern platforms detect business logic flaws, deliver true positives, and scale continuous security testing, so security teams can replace manual pentests with faster, more accurate coverage.

The post Top Automated Pentesting Tools (2025) appeared first on Security Boulevard.

Submit #639171 / VDB-321919

Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions. Scary, right? In 2025, the average data breach hits businesses with a whopping $4.44 million bill globally. And guess what? A big

Loyola College Falls Victim to INTERLOCK Ransomware

Submit #639076 / VDB-179607

A vulnerability, which was classified as problematic, has been found in exiv2 up to 0.28.5. This affects the function jpegBase::readMetadata of the component Image Parser. The manipulation leads to inefficient algorithmic complexity. This vulnerability is uniquely identified as CVE-2025-55304. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.