Aggregator

DNS Hijacking 101: How It Happens and What You Can Do to Prevent It

8 months 2 weeks ago

Sam Preston

CVE-2020-10188 | Oracle Communications Performance Intelligence Center Software Mediation server buffer overflow (Nessus ID 266306)

8 months 2 weeks ago

A vulnerability has been found in Oracle Communications Performance Intelligence Center Software 10.4.0.2 and classified as critical. Impacted is an unknown function of the component Mediation server. This manipulation causes buffer overflow. This vulnerability is registered as CVE-2020-10188. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

vuldb.com

CVE-2023-40303 | GNU inetutils up to 2.4 ftpd/rcp/rlogin/rsh/rshd/uucpd set*id return value (Nessus ID 266306)

Vuldb Updates

8 months 2 weeks ago

A vulnerability, which was classified as problematic, was found in GNU inetutils up to 2.4. Affected by this vulnerability is the function set*id of the component ftpd/rcp/rlogin/rsh/rshd/uucpd. Such manipulation leads to unchecked return value. This vulnerability is referenced as CVE-2023-40303. The attack needs to be initiated within the local network. No exploit is available. A patch should be applied to remediate this issue.

vuldb.com

CVE-2019-0053 | Juniper Junos Telnet Client Environment Variable memory corruption (ID 153746 / EDB-45982)

Vuldb Updates

8 months 2 weeks ago

A vulnerability marked as critical has been reported in Juniper Junos. Affected by this issue is some unknown functionality of the component Telnet Client. This manipulation as part of Environment Variable causes memory corruption. This vulnerability appears as CVE-2019-0053. The attack may be initiated remotely. In addition, an exploit is available. It is suggested to upgrade the affected component.

vuldb.com

CVE-2020-10188 | netkit Telnet up to 0.17 telnetd utility.c buffer overflow (DLA 2176-1 / Nessus ID 266306)

Vuldb Updates

8 months 2 weeks ago

A vulnerability labeled as critical has been found in netkit Telnet up to 0.17. This affects an unknown function of the file utility.c of the component telnetd. The manipulation results in buffer overflow. This vulnerability is reported as CVE-2020-10188. The attack can be launched remotely. No exploit exists.

vuldb.com

Multiple NVIDIA Flaws Allow Attackers to Escalate Privileges on Systems

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

8 months 2 weeks ago

NVIDIA has issued a critical security bulletin revealing multiple vulnerabilities in its NVIDIA App software that can enable attackers to escalate privileges on Windows systems. The flaws, addressed in the September 2025 update, stem from improper file handling during the installation of Frameview SDK components. Users of NVIDIA App on Windows 10 and 11 are […]

The post Multiple NVIDIA Flaws Allow Attackers to Escalate Privileges on Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2024-21544 | spatie browsershot up to 5.0.0 URL Validation setUrl file inclusion (SNYK-PHP-SPATIEBROWSERSHOT-8496745 / EUVD-2024-3469)

Vuldb Updates

8 months 2 weeks ago

A vulnerability classified as problematic was found in spatie browsershot up to 5.0.0. The impacted element is the function setUrl of the component URL Validation Handler. Such manipulation leads to file inclusion. This vulnerability is listed as CVE-2024-21544. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

vuldb.com

CVE-2025-61622 | Apache Fory up to 0.12.2 Python pickle.loads deserialization (EUVD-2025-31867)

Vuldb Updates

8 months 2 weeks ago

A vulnerability was found in Apache Fory up to 0.12.2. It has been declared as critical. The impacted element is the function pickle.loads of the component Python. Such manipulation leads to deserialization. This vulnerability is traded as CVE-2025-61622. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Quantum Resistance and Coding for a Post-Quantum Bitcoin

Hack Read

8 months 2 weeks ago

Bitcoin was created with strong cryptography, based on mathematical problems so complex that even the most powerful computers…

Owais Sultan

Fuel iX Fortify helps enterprises expose GenAI vulnerabilities at scale

Help Net Security

8 months 2 weeks ago

TELUS Digital has released its continuous automated red-teaming application, Fuel iX Fortify. The solution helps enterprises test GenAI systems at scale and identify vulnerabilities by simulating real-world attack scenarios using advanced adversarial techniques. Fuel iX Fortify runs thousands of adversarial attacks on AI-powered assistants, copilots and applications in minutes, helping organizations uncover AI risks before they can be exploited. With an ever-evolving database of adversary tactics, techniques and procedures, Fortify stays ahead of emerging attack … More →

The post Fuel iX Fortify helps enterprises expose GenAI vulnerabilities at scale appeared first on Help Net Security.

Industry News

CVE-2023-5557 | tracker-miners sandbox (EUVD-2023-57857 / Nessus ID 242769)

Vuldb Updates

8 months 2 weeks ago

A vulnerability marked as critical has been reported in tracker-miners. This affects an unknown function. Performing manipulation results in sandbox issue. This vulnerability is known as CVE-2023-5557. Remote exploitation of the attack is possible. No exploit is available.

vuldb.com

CVE-2023-3972 | Red Hat insights-client temp file (EUVD-2023-44597 / Nessus ID 239778)

Vuldb Updates

8 months 2 weeks ago

A vulnerability categorized as critical has been discovered in Red Hat insights-client. The impacted element is an unknown function. The manipulation results in insecure temporary file. This vulnerability is reported as CVE-2023-3972. The attacker must have access to the local network to execute the attack. No exploit exists.

vuldb.com