Aggregator

CVE-2025-9904 | Canon Generic Plus PCL6 Printer Driver incorrect behavior order (EUVD-2025-31485)

VulDB Recent Entries
8 months 4 weeks ago
A vulnerability was found in Canon Generic Plus PCL6 Printer Driver, Generic Plus UFR II Printer Driver, Generic Plus LIPS4 Printer Driver, Generic Plus LIPSLX Printer Driver and Generic Plus PS Printer Driver. It has been declared as problematic. This issue affects some unknown processing. The manipulation results in incorrect behavior order. This vulnerability is known as CVE-2025-9904. It is possible to launch the attack remotely. No exploit is available.
vuldb.com

CVE-2025-9903 | Canon Generic Plus PCL6 Printer Driver out-of-bounds write (EUVD-2025-31486)

VulDB Recent Entries
8 months 4 weeks ago
A vulnerability was found in Canon Generic Plus PCL6 Printer Driver, Generic Plus UFR II Printer Driver, Generic Plus LIPS4 Printer Driver, Generic Plus LIPSLX Printer Driver and Generic Plus PS Printer Driver. It has been classified as critical. This vulnerability affects unknown code. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2025-9903. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-7698 | Canon Generic Plus PCL6 Printer Driver out-of-bounds (EUVD-2025-31484)

VulDB Recent Entries
8 months 4 weeks ago
A vulnerability was found in Canon Generic Plus PCL6 Printer Driver, Generic Plus UFR II Printer Driver, Generic Plus LIPS4 Printer Driver, Generic Plus LIPSLX Printer Driver and Generic Plus PS Printer Driver and classified as problematic. This affects an unknown part. Executing manipulation can lead to out-of-bounds read. This vulnerability appears as CVE-2025-7698. The attack may be performed from remote. There is no available exploit.
vuldb.com

F-Droid 发表声明反对 Google 验证应用开发者身份的要求

Solidot
8 months 4 weeks ago
上个月 Google 以安全的名义宣布将验证所有 Android 应用开发者的身份,从明年开始,Google 将屏蔽未经身份验证的开发者的 Android 应用的侧载(sideload)。开源自由软件 Android 应用商店 F-Droid 发表声明反对 Google 的决定。F-Droid 认为,如果这一政策强制推行,包括它在内的第三方应用商店将面临终结。Google 声称是为了安全,但过去几年它的官方应用商店 Google Play 被发现托管了大量恶意程序。它要求验证应用开发者的身份不是为了安全而是为了巩固权力,加强对曾经开放的生态系统的控制。Google 正在构建一个限制竞争和用户自由的阻塞点(choke point)。F-Droid 呼吁对此问题关心的用户向自己所在地区的议员递交反对意见,向欧盟 DMA 请愿,捍卫应用的自由分发。

Firezone: Open-source platform to securely manage remote access

Help Net Security
8 months 4 weeks ago

Firezone is an open-source platform that helps organizations of any size manage secure remote access. Unlike most VPNs, it uses a least-privileged model, giving users only the access they need. Firezone was built to scale from the start, so you can add more gateways as traffic grows. It uses WireGuard, a fast and secure VPN protocol, and adds extra protections like short-lived encryption keys and firewall hole-punching to reduce the attack surface. It is also … More →

The post Firezone: Open-source platform to securely manage remote access appeared first on Help Net Security.

Sinisa Markovic

Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code

Cyber Security News
8 months 4 weeks ago

A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code on a victim’s machine. Tracked as CVE-2025-56383, the flaw exists in version 8.8.3 and potentially affects all installed versions of the software, putting millions of users at risk. The vulnerability enables a local attacker to […]

The post Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code appeared first on Cyber Security News.

Guru Baran

Dutch teens arrested for spying on behalf of pro-Russian hackers

Security Affairs
8 months 4 weeks ago
Dutch police arrested two 17-year-olds for spying for pro-Russian hackers; one jailed, the other placed on home bail. Dutch police arrested two 17-year-olds suspected of spying for pro-Russian hackers. One of the suspects remains in custody, while the other is released on home bail. According the NL times, the arrests followed a tip from Dutch […]
Pierluigi Paganini

Managed ad