Aggregator

Америка снова обсуждает мобильные ракеты, как в 80-е.

A vulnerability classified as problematic was found in Flock Safety Falcon and Sparrow License Plate Reader 1.171019.026. This vulnerability affects unknown code. The manipulation results in missing encryption of sensitive data. This vulnerability is reported as CVE-2025-59409. The attack requires a local approach. No exploit exists.

A vulnerability classified as critical has been found in Flock Safety Bravo Edge AI Compute Device 6.21.11 on Android. This affects an unknown part of the component com.flocksafety.android.pisco. The manipulation leads to missing encryption of sensitive data. This vulnerability is documented as CVE-2025-59406. The attack needs to be performed locally. There is not any exploit available.

A vulnerability described as critical has been identified in Flock Safety Bravo Edge AI Compute Device 6.35.33 on Android. Affected by this issue is some unknown functionality of the file flock_rye.bks of the component com.flocksafety.android.objects. Executing manipulation can lead to use of hard-coded password. This vulnerability is registered as CVE-2025-59407. The attack needs to be launched locally. No exploit is available.

A vulnerability marked as critical has been reported in Flock Safety Bravo Edge AI Compute Device 7.38.3 on Android. Affected by this vulnerability is an unknown functionality of the component com.flocksafety.android.peripheral. Performing manipulation results in missing encryption of sensitive data. This vulnerability is cataloged as CVE-2025-59405. The attack must be initiated from a local position. There is no exploit available.

A vulnerability labeled as problematic has been found in Agasta Easytouch+ 9.3.97. Affected is an unknown function of the component Bluetooth Low Energy Handler. Such manipulation leads to denial of service. This vulnerability is listed as CVE-2025-56019. The attack must be carried out from within the local network. There is no available exploit.

Microsoft says Outlook for Web and the new Outlook for Windows will no longer display risky inline SVG images that are being used in attacks. [...]

A vulnerability classified as critical has been found in Tenda AC18 15.03.05.19. This issue affects the function fromAdvSetMacMtuWan. The manipulation of the argument cloneType leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-60661. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Tenda AC18 15.03.05.19. The affected element is the function fromAdvSetMacMtuWan. This manipulation of the argument mac causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-60660. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in Tenda AC18 15.03.05.19. The impacted element is the function fromAdvSetMacMtuWan. Such manipulation of the argument wanSpeed leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-60662. The attack can be launched remotely. No exploit exists.

A vulnerability has been found in TP-Link AX1800 and classified as critical. This affects an unknown part of the file minidlna-1.1.2/upnpsoap.c. The manipulation of the argument db_dir leads to stack-based buffer overflow. This vulnerability is referenced as CVE-2023-28760. The attack needs to be initiated within the local network. No exploit is available.

A vulnerability classified as critical was found in Tenda AC18 15.03.05.19. Impacted is the function fromAdvSetMacMtuWan. The manipulation of the argument wanMTU results in stack-based buffer overflow. This vulnerability is known as CVE-2025-60663. It is possible to launch the attack remotely. No exploit is available.

CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor via malicious Excel XLL add-ins spotted in Sept 2025. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyberattacks by the group UAC-0245 using the CABINETRAT backdoor. The campaign, seen in September 2025, involved malicious Excel XLL add-ins posing as software tools (e.g. “UBD Request.xll”, “recept_ruslana_nekitenko.xll”). […]

Google изобрела «спокойный ритм» печати.