Aggregator

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon WBC and Snapdragon Wearables and classified as critical. This affects an unknown function of the component IOCTL Command Handler. The manipulation results in use after free. This vulnerability was named CVE-2025-21456. The attack needs to be approached locally. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability was found in Siemens SIMATIC RTLS Locating Manager up to 3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. Executing manipulation can lead to improper input validation. This vulnerability appears as CVE-2025-40746. The attack may be performed from a remote location. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Siemens SINEC Traffic Analyzer. This affects an unknown part. The manipulation results in channel accessible by non-endpoint. This vulnerability is known as CVE-2025-40770. Attacking locally is a requirement. No exploit is available.

A vulnerability has been found in Siemens Simcenter Femap V2406 and Simcenter Femap V2412 and classified as critical. Affected by this vulnerability is an unknown functionality of the component STP File Parser. Performing manipulation results in out-of-bounds write. This vulnerability is cataloged as CVE-2025-40762. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in Siemens Simcenter Femap V2406 and Simcenter Femap V2412 and classified as critical. Affected by this issue is some unknown functionality of the component BMP File Parser. Executing manipulation can lead to out-of-bounds read. This vulnerability is registered as CVE-2025-40764. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Siemens SIMATIC RTLS Locating Manager up to 3.2. Impacted is an unknown function of the component Local Loopback Interface. Such manipulation leads to reachable assertion. This vulnerability is traded as CVE-2025-30034. An attack has to be approached locally. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability labeled as problematic has been found in Siemens SIMATIC RTLS Locating Manager up to 3.2. The impacted element is an unknown function. Executing manipulation can lead to insufficiently protected credentials. This vulnerability is handled as CVE-2025-40751. It is possible to launch the attack on the local host. There is not any exploit available. The affected component should be upgraded.

字节跳动开源Seed-OSS-36B系列AI模型，支持512K上下文处理长文档和复杂推理。采用Apache-2.0许可证免费使用，提供多个版本供开发者选择。

三菱電機製の空調管理システムには、認証回避の脆弱性が存在します。

文章指出 Steam 用户购买的游戏中有 56.7% 从未被游玩过，平均每 10 款游戏中约有 5.7 款未被打开。通过随机调查 22 位好友及其好友的数据得出这一结论，并引用游戏从业者的研究进一步证实 Steam 用户囤积未玩游戏的现象普遍。

谷歌与苹果围绕绿色与蓝色气泡的争议已结束。苹果计划在iOS26中支持RCS消息的端到端加密协议MLS，实现更安全的通信。

Забудьте про множество таскеров и разрознённые задачи в ИБ.

Intermesh BVが提供するGroup-Officeには、複数の脆弱性が存在します。

本周，互联网网络安全态势整体评价为良。

当前网络环境出现异常，需完成验证后方可继续访问。