Aggregator

CVE-2024-44758 | NUS-M9 ERP Management Software 3.0.0 /Production/UploadFile unrestricted upload

8 months 3 weeks ago

A vulnerability classified as critical was found in NUS-M9 ERP Management Software 3.0.0. This affects an unknown part of the file /Production/UploadFile. Such manipulation leads to unrestricted upload. This vulnerability is listed as CVE-2024-44758. The attack may be performed from remote. There is no available exploit.

vuldb.com

CVE-2024-51875 | Nazmul Ahsan MDC YouTube Downloader Plugin up to 3.0.0 on WordPress cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability marked as problematic has been reported in Nazmul Ahsan MDC YouTube Downloader Plugin up to 3.0.0 on WordPress. Impacted is an unknown function. Performing manipulation results in cross site scripting. This vulnerability is known as CVE-2024-51875. Remote exploitation of the attack is possible. No exploit is available.

vuldb.com

CVE-2025-5702 | GNU C Library 2.39 on Power10 control flow (EUVD-2025-17009 / Nessus ID 240529)

Vuldb Updates

8 months 3 weeks ago

A vulnerability has been found in GNU C Library 2.39 on Power10 and classified as critical. This impacts an unknown function. Performing manipulation results in incorrect control flow. This vulnerability is known as CVE-2025-5702. Remote exploitation of the attack is possible. No exploit is available.

vuldb.com

CVE-2025-1556 | westboy CicadasCMS 1.0 Template Management /system deserialization

Vuldb Updates

8 months 3 weeks ago

A vulnerability classified as problematic was found in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system of the component Template Management. Executing manipulation can lead to deserialization. This vulnerability is handled as CVE-2025-1556. The attack can be executed remotely. Additionally, an exploit exists.

vuldb.com

Meet SpamGPT and MatrixPDF, AI Toolkits Driving Malware Attacks

Hack Read

8 months 3 weeks ago

Cybersecurity researchers at Varonis have discovered two new plug-and-play cybercrime toolkits, MatrixPDF and SpamGPT. Learn how these AI-powered tools make mass phishing and PDF malware accessible to anyone, redefining online security risks.

Deeba Ahmed

Akira

Dark Feed IO

8 months 3 weeks ago

You must login to view this content

cohenido

New DNS Malware Detour Dog Delivers Strela Stealer Using DNS TXT Records

Cyber Security News

8 months 3 weeks ago

A sophisticated DNS-based malware campaign has emerged, utilizing thousands of compromised websites worldwide to deliver the Strela Stealer information-stealing malware through an unprecedented technique involving DNS TXT records. The threat, tracked as Detour Dog by security researchers, represents a significant evolution in malware distribution methods that leverages the Domain Name System as both a command-and-control […]

The post New DNS Malware Detour Dog Delivers Strela Stealer Using DNS TXT Records appeared first on Cyber Security News.

Tushar Subhra Dutta

Открыли PDF из Gmail? Поздравляем, MatrixPDF уже подключился к серверу хакера. Даже без вашего клика

Securitylab.ru

8 months 3 weeks ago

Надпись «Открыть защищённый документ» ещё никогда не была такой опасной.

[Darknetlive Archive] Operation SpecTor: Hundreds of Vendors Arrested

Dark Web Informer - Cyber Threat Intelligence

8 months 3 weeks ago

[Darknetlive Archive] Operation SpecTor: Hundreds of Vendors Arrested

Dark Web Informer

SecWiki News 2025-10-01 Review

SecWiki News(国内外安全资讯)

8 months 3 weeks ago

今日暂未更新资讯~
更多最新文章，请访问SecWiki

CVE-2024-48531 | eSoft Planner 3.24.08271-USA Rental Availability cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability, which was classified as problematic, has been found in eSoft Planner 3.24.08271-USA. This vulnerability affects unknown code of the component Rental Availability Module. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-48531. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2024-48534 | eSoft Planner 3.24.08271-USA Camp Details cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability, which was classified as problematic, was found in eSoft Planner 3.24.08271-USA. This issue affects some unknown processing of the component Camp Details Module. The manipulation results in cross site scripting. This vulnerability is known as CVE-2024-48534. It is possible to launch the attack remotely. No exploit is available.

vuldb.com

CVE-2024-48535 | eSoft Planner 3.24.08271-USA Name cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in eSoft Planner 3.24.08271-USA and classified as problematic. The affected element is an unknown function. Such manipulation of the argument Name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-48535. The attack can be launched remotely. No exploit exists.

vuldb.com

CVE-2024-36975 | Linux Kernel up to 5.15.159/6.1.91/6.6.31/6.8.10/6.9.1 lib/asn1_encode.c asn1_encode_sequence return value (Nessus ID 238278)

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in Linux Kernel up to 5.15.159/6.1.91/6.6.31/6.8.10/6.9.1 and classified as problematic. Affected is the function asn1_encode_sequence in the library lib/asn1_encode.c. Such manipulation leads to unchecked return value. This vulnerability is documented as CVE-2024-36975. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.

vuldb.com

【资料】蛙军将如何应对我军两栖攻击舰？

丁爸情报分析师的工具箱

8 months 3 weeks ago

2024年12月27日，根据央视的报道，我国第一艘076两栖攻击舰在上海正式下水服役。

Marine stelt Zr.Ms. Den Helder in dienst

Defensie.nl - Nieuwsberichten

8 months 3 weeks ago

De Koninklijke Marine heeft vandaag het Combat Support Ship (CSS) Den Helder officieel in dienst gesteld. Tijdens een feestelijke ceremonie ontving het schip het predicaat Zijner Majesteits (Zr.Ms.) Den Helder. Voor de marine is dit een bijzondere mijlpaal in de versterking en vernieuwing van de vloot.

Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware

Cyber Security News

8 months 3 weeks ago

In recent weeks, security analysts have observed a new wave of macOS attacks leveraging legitimately issued Extended Validation (EV) certificates to sign malicious disk images (DMGs). This technique allows malware authors to evade detection by VirusTotal and built-in macOS security checks. The campaign first surfaced when multiple samples appeared on threat intelligence feeds, each bearing […]

The post Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware appeared first on Cyber Security News.

Tushar Subhra Dutta

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

Information Security Magazine

8 months 3 weeks ago

Broadcom has released security patches for critical flaws affecting several VMware products

Kindle Scribe 加入 AI 驱动的笔记本功能

Solidot

8 months 3 weeks ago

亚马逊推出了三款 Kindle Scribe 新版本。Kindle Scribe 是专为笔记和阅读而设计的电子书阅读器，新版本配备了 11 英寸防眩光 E Ink 显示屏，而旧版本使用的是 10.2 英寸。Kindle Scribe 新版本包括了标准版，起售价 499.99 美元；无前置灯的版本售价 429.99 美元；彩色版售价 629.99 美元。新型号还改进了书写和翻译速度，比上一代提升 40%；支持 AI 驱动的笔记搜索和摘要，支持访问 Google Drive 和Microsoft OneDrive 中的文档，支持将可编辑的笔记文本导出到 OneNote。

20 ватт против мегаватта: бактериальный нейрон унизил ChatGPT в 50 000 раз

Securitylab.ru

8 months 3 weeks ago

0,1 вольта — именно столько нужно, чтобы подключиться к живому мозгу.

Aggregator

Managed ad